David vd Geer Inhuur tbv IPlib wrote: > #!/user/cadiclab/bin/perl > > use CGI qw(:standard); > > $first = param('userid'); > $last = param('pw'); > $hide1 = param('hide1'); > $hide2 = param('hide2'); > > print header, > start_html(-BGCOLOR=>"#99cccc"), > start_form; > > print "Hallo userid: $first with password: $last <br><br>"; > print "Hidden fields are; <br><br>Field1: $hide1 <br>Field2: $hide2 <br>";
this is dangerous! you are taking user input and printing it directly to the browser without any html escaping! please read this: http://www.perl.com/pub/a/2002/02/20/css.html as for your question - have you tried using .htaccess? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]