Re: Best way to untaint


Clear questions and runnable code get the best and fastest answer
	PerlMonks

Re: Best way to untaint

by Tomte (Priest)

on Jun 24, 2004 at 13:35 UTC ( [id://369353]=note: print w/replies, xml )

Need Help??

in reply to Best way to untaint

1) Always check for success of your match-operators:

my ($u_firstname, $u_lastname) = ("Bogus", "Bogus");

if (param('firstname') =~ /^([a-zA-Z]+)$/) {
         $u_firstname = $1;
} else {
    # handle bogus case
}

if (param('lastname') =~ /^([a-zA-Z]+)$/) {
         $u_lastname = $1;
} else {
    # handle bogus case
}
[download]

2: do you redirect, or do you use internal requests? in both cases appending the parameters that need to be passed on to the query-string of the url you redirect to/process internally should work; if you do internal requests, use LWP::UserAgent and POST the requests with the needed parameters added according to the respective documenation.

regards,
tomte

An intellectual is someone whose mind watches itself.
-- Albert Camus

Comment on Re: Best way to untaint Select or Download Code

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://369353]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others surveying the Monastery: (3)

As of 2024-04-26 03:29 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found