In your case, all you really need to do make sure that the
id the user submits is valid.
my $rpt_id = $CGI->param('rpt_id');
# trim any leading or trailing whitespace
$rpt_id =~ s/^\s*//;
$rpt_id =~ s/\s*$//;
# assuming report id is suppose to only contain digits
unless ($rpt_id =~ /^\d+$/) {
# handle error - id contains more than digits
}
is just one example of "untainting" your paramaters that
are submitted by someone (who could be trying to crack
your CGI script). I recommend adding the taint switch to
your "shebang" line:
#!/usr/local/bin/perl5_8 -T
Since you have already untainted $rpt_id by
making it part of $rpt_tmpl like so:
my $rpt_tmpl = "cnc1_rpt" . $rpt_id . "_summary.tmpl";
# another way to achieve the same result:
my $rpt_tmpl = "cnc1_rpt@{[$rpt_id]}_summary.tmpl";
# and yet anther way
my $rpt_tmpl = sprintf("cnc1_rpt%d_summary.tmpl", $rpt_id);
you shouldn't have to worry about devious folks getting at
other files like you would with the following DANGEROUS
code:
my $file = $CGI->param('file');
open FH, '<', "$PATH/$file";
Even though you supply the path, the user can still submit
something like ../../../etc/passwd ... bad.
Your code appears safe enough as it is, but ... it's still a
good idea to make sure that what you let the user to submit
is restricted.
|