On 9/26/05, John Krystynak <[EMAIL PROTECTED]> wrote:
> Nice stuff.
>
> I have a question about validation. How would you ensure that form fields
> don't have bad html or SQL injection?
>
> I tried the beer form, and it accepts things like html tags, and form
> elements. Some strange things happen when you
> do that...

I can't find any switch to turn on HTML-escaping for form output, might be
worth suggesting that on the CGI-FB list.

You can pass coderefs in the validate or auto-validate options, see the
CGI::FormBuilder docs for the new() method. Hook that into your favourite
CPAN validation module.

d.

_______________________________________________
Maypole-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/maypole-users
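
The approach suggested in the reply, as an added example (not code from the thread, Maypole or CGI::FormBuilder): a coderef validator passed through `validate`, with HTML::Entities escaping the value on output. The `plain_text` helper, the field names and the sample submissions are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI;
use CGI::FormBuilder;
use HTML::Entities qw(encode_entities);

# Validator coderef (hypothetical helper): called with the field value,
# a true return means "valid". It allow-lists characters rather than
# trying to spot bad tags.
sub plain_text {
    my ($value) = @_;
    return 0 unless defined $value && length $value && length $value <= 64;
    return $value =~ /\A[\w .,'-]+\z/ ? 1 : 0;
}

# Constructed submissions (sample data, not from the original thread).
my @samples = (
    { name => 'Old Peculier',               style => 'Ale' },
    { name => '<input type="text" name=x>', style => 'Ale' },
);

for my $sample (@samples) {
    my $form = CGI::FormBuilder->new(
        fields     => [qw(name style)],
        params     => CGI->new($sample),   # stand-in for the real request
        javascript => 0,                   # coderefs only run server-side
        validate   => {
            name  => \&plain_text,
            style => \&plain_text,
        },
    );

    my $ok = $form->validate;

    # Escape on output whatever the validation result: validation decides
    # what is stored, escaping decides how a value is rendered into HTML.
    my $shown = encode_entities(scalar $form->field('name'), q{<>&"'});
    printf "%-8s %s\n", ($ok ? 'accepted' : 'rejected'), $shown;
}
```

Validation of this kind covers the markup half of the question only; values that reach the database still need to be bound as placeholders rather than interpolated into SQL.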
