On Wed, 29 May 2002 17:23:17 +0100 (BST), Mark Fowler wrote:
> my $foo = { delete => $cgi->param("delete") };
>
> May not do what you think, especially if someone went
>
> foo.cgi?delete=1;delete=filename;delete=/etc/shadow
Hey, don't spoil the only good bit of my TPC talk!
--
Peter Haworth [EMAIL PROTECTED]
'Are you *really* willing to deal with hundreds of newbies who don't
understand why $a . $b isn't the same as $a .$b and isn't the same as
$a. $b and isn't the same as $a.$b? And do you realise what the only
"good" answer we can possibly give them is? "Because Ed said so".'
-- Simon Cozens
