Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.

Re^2: Wget using backquotes

by hacker (Priest)
on Feb 18, 2007 at 19:07 UTC ( [id://600736] : note . print w/replies, xml ) Need Help??

in reply to Re: Wget using backquotes
in thread Wget using backquotes

As I previously mentioned... you want IPC::Run or IPC::Open3...

You do not want to use system here either. Well ok, you CAN use system in "list mode" here to avoid spawning a shell, but this is NOT what zentara showed you, that approach is unsafe.

Using "backticks" (otherwise properly known as "accent grave" is deathly unsafe, and you should never use anything of the sort. From the pod:

IPC::Open3, open3 - open a process for reading, writing, and error handling

Also, you should be using one of the standard LWP modules here, and catching the response codes that come back, instead of relying on a userland binary (which can easily be faked, opening a hole in your system).

If you don't value the security of the system, then go ahead and implement the unsafe, incorrect approach.