On Mon, 03 Dec 2007 16:40:16 +0100, Bogart Salzberg wrote: > Perl has a "taint" mode (add switch "-T" to the command line or > shebang line, as in "#!/usr/bin/perl -T"). The taint mode, I think, > prevents user input from being used in unsafe operations until it is > filtered by a regular expression. > > Taint mode is not as comprehensive as PHP's safe mode. Type "perldoc > perlsec" on the command line for a good tutorial on security in Perl.
You should also add 'use strict' & 'use warnings' to your perl scripts, they're both very useful for keeping your code healthy. http://perlmonks.org/?node_id=111088 > Perl also does not have a built-in "mail" function. You can use MIME::Lite for that, or write directly to sendmail. You probably don't want to allow people to enter the email destination address. -- Stephen Patterson :: [EMAIL PROTECTED] :: http://patter.mine.nu/ GPG: B416F0DE :: Jabber: [EMAIL PROTECTED] "Don't be silly, Minnie. Who'd be walking round these cliffs with a gas oven?" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
