On Friday 27 May 2011 15:51:21 Agnello George wrote:
> On Fri, May 27, 2011 at 6:05 PM, Shlomi Fish <shlo...@iglu.org.il> wrote:
> > On Friday 27 May 2011 13:48:21 Agnello George wrote:
> > > Hi
> > > 
> > > 
> > > is there a way i can display  on my browser with a new-line or <br/>
> > 
> > First of all, make sure you avoid HTML-injection/cross-site-scripting
> > (XSS) attacks:
> > 
> > http://community.livejournal.com/shlomif_tech/35301.html
> > 
> > Then you can use something like:
> >        $s =~ s{\n}{<br />}g;
> awesome!! it works
> 
> i had to do something like this !!
> 
>  my $select_dom0_data = $DBH->selectall_hashref("select
> dom0_name,cpu,lvm,ram,ip,application,assigned_to from dom0_info where
> dom0_name='$dom0_server'  and rid=$rack_n",'dom0_name' );
> 

This interpolation of string variables into an SQL statement is an SQL 
injection attack waiting to happen:

* http://en.wikipedia.org/wiki/SQL_injection

* http://community.livejournal.com/shlomif_tech/35301.html

* http://bobby-tables.com/

Please avoid it by using placeholders.

>      $select_dom0_data->{$dom0_server}{lvm} =~ s{\n}{<br />}g; ;

You probably should assign that to a temporary variable.

Regards,

        Shlomi Fish

-- 
-----------------------------------------------------------------
Shlomi Fish       http://www.shlomifish.org/
Best Introductory Programming Language - http://shlom.in/intro-lang

My Commodore 64 is suffering from slowness and insufficiency of memory, and
its display device is grievously short of pixels.  Can anybody help? -- Omer Zak

Please reply to list if it's a mailing list post - http://shlom.in/reply .

-- 
To unsubscribe, e-mail: beginners-unsubscr...@perl.org
For additional commands, e-mail: beginners-h...@perl.org
http://learn.perl.org/
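
An added example, not part of the original message or of either poster's code, that puts the thread's advice together: placeholders for the query, and HTML escaping before the newline substitution, done on a temporary variable. It assumes DBI with DBD::SQLite and an in-memory table; the sample row and the helper names escape_html, fetch_dom0 and lvm_as_html are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: an in-memory SQLite database (DBD::SQLite) stands in for the real one.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0 });

# Constructed schema and row, using the column names from the quoted query.
$dbh->do(q{CREATE TABLE dom0_info (dom0_name TEXT, cpu TEXT, lvm TEXT, ram TEXT,
    ip TEXT, application TEXT, assigned_to TEXT, rid INTEGER)});
$dbh->do(q{INSERT INTO dom0_info VALUES (?, ?, ?, ?, ?, ?, ?, ?)}, undef,
    'dom0-a', '8', "vg0 <root>\nvg1 & data", '16G', '192.0.2.10', 'web', 'ops', 3);

# Minimal HTML escaping for element content and quoted attribute values.
sub escape_html {
    my ($text) = @_;
    my %entity = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
                  '"' => '&quot;', "'" => '&#39;');
    $text =~ s{([&<>"'])}{$entity{$1}}g;
    return $text;
}

# Fetch one dom0 row; both values are bound through ? placeholders.
sub fetch_dom0 {
    my ($dbh, $dom0_server, $rack_n) = @_;
    return $dbh->selectall_hashref(
        q{SELECT dom0_name, cpu, lvm, ram, ip, application, assigned_to
            FROM dom0_info WHERE dom0_name = ? AND rid = ?},
        'dom0_name', undef, $dom0_server, $rack_n);
}

# Escape first, then turn newlines into <br />, working on a copy of the value.
sub lvm_as_html {
    my ($row) = @_;
    my $lvm_html = escape_html($row->{lvm});
    $lvm_html =~ s{\n}{<br />}g;
    return $lvm_html;
}

my $rows = fetch_dom0($dbh, 'dom0-a', 3);
print lvm_as_html($rows->{'dom0-a'}), "\n";

# A value carrying SQL syntax is compared as a plain string and matches nothing.
my $none = fetch_dom0($dbh, q{dom0-a' OR '1'='1}, 3);
print scalar(keys %$none), " rows for the quoted input\n";
```

Escaping has to happen before the substitution; done the other way round, the inserted `<br />` tags would be escaped as well and shown as literal text.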

