Essential Perl 5 for Web Professionals
Item Description: Supposed to help new folks learn CGI. Fails miserably.
Review Synopsis: This book ignores ALL CGI security issues using oversimplified and underexplained examples.
This book ignores ALL CGI security issues including:
- the use of CGI.pm - it provides its own POST splitter which would mess up on the simplest of unwanted data and provide a potential area for bombing. It doesn't even mention it.
- Taint checking - doesn't even mention it.
- the warning flag - doesn't even mention it.
Continuing on, it provides oversimplified examples of a "search engine" while not even explaining what happens when a CGI script is initiated. This book focuses a lot more on HTML than it does on Perl! Supposedly written by "web professionals" that worked on commercial websites, I doubt that these guys actually wrote scripts in the same manner that they explain in the book. This is yet another Perl dud. For the sake of Internet security, PLEASE DO NOT BUY OR USE THIS BOOK. 0 stars.
(redmist) RE: Essential Perl 5 for Web Professionals
by redmist (Deacon) on Oct 08, 2000 at 04:03 UTC
The same thing goes for "Using Perl 5 for Web Programming." No talk of -T or -w...and get this: it does not even mention CGI.pm!!! It's ridiculous that, knowing virtually nothing about CGI, I am able to be shocked and dismayed at the atrocious CGI programming practices displayed in this book. Absurd!
redmist
redmist.dyndns.org
email::redmist
Re: Essential Perl 5 for Web Professionals
by ichimunki (Priest) on Dec 23, 2000 at 06:56 UTC
I can't remember which book came first, but I think this was my second
web how-to book (the first one concentrated on HTML tricks and JS goodies-- almost all stuff I frown on now).
While I'm certainly glad this book gave me a gentle introduction to Perl, I have to
agree that it is completely worthless. The book is designed to enable cut & paste web
development of the worst kind, and only for the most minimal kinds of sites.
The guestbook sample code has no mention of the huge security risk this sort of scripting
can pose, and does nothing to mitigate it.
I couldn't agree with this review more. I feel like having started with Perl via this book, that my
Perl programming has suffered for a long time. THIS BOOK SUCKS.
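
An added example (not from the book, the review or the replies) of the practices the review and the guestbook comment name: the -w and -T switches plus CGI.pm for parameter parsing, applied to a guestbook-style form handler. The field names, length limits and allow-list pattern are assumptions, and CGI.pm must be installed since it left the Perl core in 5.22.

```perl
#!/usr/bin/perl -wT
# Added example: guestbook form handler with warnings, taint mode and CGI.pm.
# Field names ('name', 'comment') and the limits below are hypothetical.
use strict;
use CGI ();

$CGI::POST_MAX        = 4096;   # cap request body size (set before CGI->new)
$CGI::DISABLE_UPLOADS = 1;      # a guestbook needs no file uploads
$ENV{PATH} = '/usr/bin:/bin';   # taint mode requires a known-safe PATH
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Untaint by allow-list: return the captured match, or undef on any mismatch.
# Under -T only a regex capture clears the taint flag, so raw form data
# cannot reach open(), system() or similar calls by accident.
sub clean_field {
    my ($value, $max_len) = @_;
    return unless defined $value;
    return if length($value) > $max_len;
    # Letters, digits, spaces and basic punctuation only.
    return $value =~ /\A([\w .,!?'-]+)\z/ ? $1 : undef;
}

my $q = CGI->new;   # CGI.pm parses GET and POST data; no hand-written splitter

# scalar() forces a single value even if a field is submitted more than once.
my $name    = clean_field(scalar $q->param('name'),    40);
my $comment = clean_field(scalar $q->param('comment'), 500);

unless (defined $name && defined $comment) {
    print $q->header(-status => '400 Bad Request', -type => 'text/plain');
    print "Rejected: missing or malformed field.\n";
    exit;
}

# Taint mode does not police print, so escape on output as well. This keeps
# the page safe from markup injection if the allow-list is loosened later.
print $q->header(-type => 'text/html', -charset => 'utf-8');
printf "<p><b>%s</b> wrote: %s</p>\n",
    $q->escapeHTML($name), $q->escapeHTML($comment);
```

To try it offline, pass constructed parameters on the command line, for example `perl -wT guestbook.pl name=Alice comment=Hello`; the switches must be repeated there because -T appears on the #! line.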