Andrew Hughes wrote:

> I need help.  I inherited this script that adds people to a text file for
> our mailing list.  It works in Explorer.  However, it does not work in
> Netscape.  Valid email addresses are blocked and the subroutine dienice is
> called in Netscape.  It is pretty short and simple.  I do not have time to
> rewrite it right now.  Could anyone make any suggestions?

This script has a lot of the warning signs of a problem. No taint checking,
lack of warnings and use strict, roll your own parameter parsing, no
indentation and a broken email validation regex. Ideally you should fix all
of these things. If you don't have time, well, be aware that poorly written
CGI scripts can be quite dangerous. It's probably worth some of your time to
make sure that your script works and is safe.

Since dienice is getting called in the cases where the script fails, and
since dienice only appears once in your script, it seems that in these cases
the submitted email is failing your validation test. If this is happening
only in Netscape it probably has something to do with the parameter parsing.
(I could be missing something obvious, I only gave it a quick look; the
point is that you should make these changes anyway, and it's silly to spend
much time debugging this before fixing the obvious problems). In general you
should not decode forms yourself. Try converting to CGI.pm. Please see the
FAQ "How do I decode a CGI form?" in perlfaq9.

Please also see the FAQ "How do I check a valid mail address", also from
perlfaq9. The gist of it is that you shouldn't do it with a simple regex.
There are plenty of valid email addresses that this regex will fail for, and
even if an address passes there is no guarantee that it is a real address,
or that it is the address of the person who submitted the form.

Also, if you need to write data to an Excel spreadsheet there are modules to
do that. Look at CPAN. I've never done this, so for all I know what's being
done in your script is perfectly reasonable. But using a module might make
your life a little easier.

Anyway, I'm sorry to say that I think that if you want this script to work
and be safe, you're going to have to rewrite it, at least partially.

Tagore Smith
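
The changes recommended in the reply above (taint mode, strict and warnings, CGI.pm instead of hand-rolled parameter parsing), shown as an added example that is not part of the original message and is not the script under discussion. The form field name `email`, the list file path, and the body of `dienice` are assumptions; CGI.pm must be installed from CPAN on Perl 5.22 and later.

```perl
#!/usr/bin/perl -T
# Added example, not the script from this thread. Assumed names: the form
# field "email" and the list file path below are placeholders.
use strict;
use warnings;
use CGI;                       # parses GET and POST the same way for every browser
use Fcntl qw(:flock);

my $LIST_FILE = '/var/data/mailing-list.txt';   # placeholder path
$CGI::POST_MAX        = 1024;  # cap the request body size
$CGI::DISABLE_UPLOADS = 1;     # this form has no file uploads

my $q = CGI->new;

# Return an untainted address, or nothing. This is a deliberately loose
# sanity check (one "@", no whitespace or control characters, bounded
# length), not RFC validation. Its job is to keep line breaks and junk out
# of the list file; only a confirmation mail shows the address is real.
sub clean_email {
    my ($raw) = @_;
    return unless defined $raw;
    $raw =~ s/^\s+|\s+$//g;
    return if length($raw) > 254;
    return $1 if $raw =~ /\A([^\s\@[:cntrl:]]+\@[^\s\@[:cntrl:]]+)\z/;
    return;
}

# Report an error to the browser and stop. Messages are fixed strings and
# the response is text/plain, so no user input is echoed as markup.
sub dienice {
    my ($msg) = @_;
    print $q->header(-type => 'text/plain', -status => '400 Bad Request');
    print "Error: $msg\n";
    exit;
}

my $email = clean_email(scalar $q->param('email'))
    or dienice('Please enter a valid e-mail address.');

# Append under an exclusive lock so concurrent submissions do not interleave.
open(my $fh, '>>', $LIST_FILE) or dienice('Could not open the list file.');
flock($fh, LOCK_EX)            or dienice('Could not lock the list file.');
print {$fh} "$email\n";
close($fh)                     or dienice('Could not save the address.');

print $q->header(-type => 'text/plain');
print "Subscribed: $email\n";
```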


