David vd Geer Inhuur tbv IPlib wrote:
> #!/user/cadiclab/bin/perl
>
> use CGI qw(:standard);
>
> $first = param('userid');
> $last = param('pw');
> $hide1 = param('hide1');
> $hide2 = param('hide2');
>
> print header,
> start_html(-BGCOLOR=>"#99cccc"),
> start_form;
>
> print "Hallo userid: $first with password: $last <br><br>";
> print "Hidden fields are; <br><br>Field1: $hide1 <br>Field2: $hide2 <br>";
this is dangerous!
you are taking user input and printing it directly to the browser
without any html escaping!
please read this:
http://www.perl.com/pub/a/2002/02/20/css.html
as for your question - have you tried using .htaccess?
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
