Hi,
I was looking at a perl script where the developer used different names
for the incoming parameters and the database field names. He told me
that this was done for security reasons-- to ensure that malicious users
would not be able to discover the field names in the database being
updated or queried. How dangerous is this? I think it would be easier to
work with a hash of parameters from the input form.
I'm using cg.pm, DBI, and postgresql.
Thanks.
Michael Fahey
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
