>   print CGI::header();
>   print "hello\n";
>   print "foo\n";
>   print "bar\n";

>   foreach my $line (<FILE>) {
>     my $result = &do_something($line);
>   }

>   use LWP::Simple;
>   my $credit_card_server = "secure.mybank.com";
>   my $username = "my_secret_username";
>   my $password = "my_password";
>   for $name (param()) {
>     $$name = param($name);
>   }
>
>   my $result = get("https://$credit_card_server/refund.pl?".
>                    "username=$username&password=$password&".
>                    ...some more details about what to refund...
>                   );
>
> a sneaky user could easily redefine "$credit_card_server",

Point well made.  Thought about your examples in relation to my script and went
through perlvar but as yet haven't found an exploit.  Hoping you'll be willing
to try to break it when it is just about ready for prime time.  Won't be bitten
by $/, etc.  The last one can be cured by reversing the order:

   use CGI qw(param);
   # copy every parameter into a same-named global first ...
   for $name (param()) {
     $$name = param($name);
   }
   # ... then assign the trusted values, so they are set last
   use LWP::Simple;
   $credit_card_server = "secure.mybank.com";
   $username = "my_secret_username";
   $password = "my_password";

But again, you raise important red flags.  I'll continue watching for
'critical' in my particular script.  For others, people who don't like
skydiving with an unchecked parachute, to safely save space consider just
limiting the vars:

use CGI qw(param);

# only these names may be populated from the request
my @vars = ('one','two','three');

for my $name (@vars) {
        $$name = param($name);
}
print "\$one $one<br>
       \$two $two<br>
       \$three $three<br>
";

Otherwise I would probably place the:

$one   = param('one');
$two   = param('two');
$three = param('three');
etc... quasi ad infinitum

....into a 'sub initialize' at the bottom of the script.

Take care,

Gary
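The clobbering described in this thread, as an added example that is not code from either poster: a request carrying a parameter named `credit_card_server` overwrites the script's package variable through the `$$name = param($name)` loop, `use strict` refuses the symbolic reference outright, and an allowlist copied into a hash never touches a global at all. CGI's `param()` is stood in for by a small sub over a constructed query (`%query` and the hostile value are assumptions for the demonstration) so the script runs offline.

```perl
#!/usr/bin/perl
# Added example, not from the original thread.  Demonstrates the
# "$$name = param($name)" clobber and two safer alternatives.  CGI's
# param() is replaced by a stand-in over a constructed query string so
# this runs without a web server.
use strict;
use warnings;

# Constructed request: the attacker-controlled query includes a
# parameter named after a variable the script trusts (assumed values).
my %query = (
    amount             => '10',
    credit_card_server => 'attacker.example',   # hostile value
);

# Stand-in for CGI::param(): no args -> parameter names, one arg -> value.
sub param {
    my ($name) = @_;
    return keys %query unless defined $name;
    return $query{$name};
}

# --- Unsafe: copy every parameter into a same-named global ----------------
our $credit_card_server = 'secure.mybank.com';

sub unsafe_import {
    no strict 'refs';            # symbolic refs are what makes this "work"
    for my $name (param()) {
        $$name = param($name);   # writes $main::<name>, whatever <name> is
    }
}

unsafe_import();
print "after unsafe import: \$credit_card_server = $credit_card_server\n";
# the refund request built from this variable would now go to the attacker

# --- Safe 1: under 'use strict' the symbolic reference is refused ---------
$credit_card_server = 'secure.mybank.com';
eval {
    for my $name (param()) {
        $$name = param($name);   # dies: Can't use string as a SCALAR ref
    }
};
print "strict refused the clobber: $@" if $@;

# --- Safe 2: allowlist into a hash, never into globals --------------------
my @allowed = qw(amount one two three);
my %in = map { $_ => param($_) } grep { defined param($_) } @allowed;
print "accepted parameters: ",
      join(', ', map { "$_=$in{$_}" } sort keys %in), "\n";
print "server still: $credit_card_server\n";
```

The reordering trick from the message above works because the trusted assignments run after the parameter loop, but it still leaves every other package variable writable from the query string; the hash allowlist removes that whole class of problem, and `use strict` catches the pattern at the first request even if someone reintroduces it.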
