[TriLUG] perl: how to initialise a variable that I want to be NULL
Joseph Mack NA3T
jmack at wm7d.net
Sun Aug 16 21:14:40 EDT 2009
On Sun, 16 Aug 2009, William Sutton wrote:
> If you're taking user input and passing it straight
> through to the database, that's dangerous.
ah yes, little Bobby Tables
http://imgs.xkcd.com/comics/exploits_of_a_mom.png
> I suggest reading up on placeholders and validating user
> input.
good idea and timely warning. I've been up to my neck in
figuring out the calls to the database (it's Z3950, not sql)
and had forgotten about all of this. AFAIK the server is
hardened against tainted strings. I asked about it early in
the project, but never got an answer. I'll ask again.
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
More information about the TriLUG
mailing list