Re: Back to acceptable untainted characters

Replies are listed 'Best First'.
Re: Re: Back to acceptable untainted characters by bradcathey (Prior) on Sep 07, 2003 at 02:39 UTC
Ahhh, so it's ME I need to watch, and not so much the user? Good point. Thanks. BTW, I am escaping the single ' for MySQL use, for obvious reasons.	[reply]
•Re: Re: Re: Back to acceptable untainted characters by merlyn (Sage) on Sep 07, 2003 at 02:53 UTC
What "obvious reasons"? If you were using placeholders like you should be, you'd not have to worry about that. -- Randal L. Schwartz, Perl hacker Be sure to read my standard disclaimer if this is a reply.	[reply]
Re: •Re: Re: Re: Back to acceptable untainted characters by bradcathey (Prior) on Sep 07, 2003 at 12:31 UTC
I'm honored merlyn. I've read and read about your terse replies, and now I'm the proud owner of one. But seriously, thanks for the admonition. I haven't been consistent about using placeholders, but I'm becoming a reformed coder. Once I started hanging around the monastery, I knew that if I paid attention to the superiors, my code would grow up.	[reply]
Re: •Re: Re: Re: Back to acceptable untainted characters by wolis (Scribe) on Sep 09, 2003 at 03:29 UTC
Placeholders? `___ /\__\ "What is the world coming to?" \/__/ www.wolispace.com` [download]	[reply] [d/l]
•Re: Re: •Re: Re: Re: Back to acceptable untainted characters by merlyn (Sage) on Sep 09, 2003 at 03:51 UTC
Re: Re: Back to acceptable untainted characters by Jeppe (Monk) on Sep 08, 2003 at 11:12 UTC
I have to disagree. For the integrity of your own server, you are (I believe) correct. But if someone evil submits code that breaks into the browser of whoever is reading the text, that one with the compromized system will not be pleased (s)he used your solution. So, please strip scripts as a bare minimum.	[reply]


good chemistry is complicated, and a little bit messy -LW
	PerlMonks