PerlMonks  

Re: Re: Re: Re: A serious security problem with CGI.pm 3.01?

by sierrathedog04 (Hermit)
on Jul 12, 2001 at 05:50 UTC ( [id://95903]=note )


in reply to Re: Re: Re: A serious security problem with CGI.pm 3.01?
in thread A serious security problem with CGI.pm 3.01?

I like CGI.pm, but my very successful six-figure per annum website brother refuses to use it. He says that CGI.pm hides from the programmer what is going on and gives the impression that running CGI is some arcane and mysterious art.

I asked my brother what about using param() to handle non-standard characters in HTML form input. He said he has a few regexes that do it and he doesn't need Lincoln Stein's code to check input for him.

Replies are listed 'Best First'.
Re: Re: Re: Re: Re: A serious security problem with CGI.pm 3.01?
by pileswasp (Monk) on Aug 10, 2001 at 13:46 UTC
    Way, way back in like 1998 or something in TPJ (bless its little cotton socks) there was an article called something like "Perl Heresies". One of the heresies in this article was that you should always use modules.

    Before I get jumped on I'll explain the rest of its gist.

    The argument went something along the lines that, if it's work related, then you have a responsibility to your client/employer/whatever to write good code efficiently and quickly, so, in this situation, modules - particularly ones such as CGI.pm - are a good thing, but that, in certain circumstances, it can be much more efficient to write a quick line or two to handle a small portion covered by a module rather than go to the trouble of loading a whopping great module in (I think the example was Date::Manip and figuring out what day it was yesterday or something).
    However, when it comes to "messing around", re-inventing the wheel can be really good for you. It will give you a much better understanding of what goes on behind the scenes when you are using other people's modules, and if you ever have to invent the wheel for some reason then you're not going to be totally clueless and starting from scratch.

    My apologies to the author of the article if I've totally misrepresented it :)
