QA

 <  Day Day Up  >  

Q&A

Q1:

I can't get the form submission to work; I keep getting an error.

A1:

Try using the CGI debugging guide from Hour 21, "Introduction to CGI," to find your problem. Just because it's a form doesn't mean that debugging it is any different from debugging normal CGI.

Q2:

I just found this great program on the Internet, but I don't understand why it's trying to use $ENV{QUERY_STRING} to get the form parameters.

A2:

The author of that program decided to forgo the CGI module's form-processing capabilities. This fact indicates that it is either a very old Perl program that predates the CGI module or that the author decided to use his or her own form-processing code. Either way, this is a good indication that the program should be looked at skeptically and used cautiously.

Q3:

When I run programs with the “T option in the #! line, from the command prompt, I get the error Too late for “T option and then the program stops. Why?

A3:

The “T option must be given to Perl as soon as possible so that it knows to look for tainted data. By the time the #! line in your program was processed, it was too late ”Perl had already processed your command line options without tainting. To run Perl from a command prompt ”for example, in the debugger ”you need to specify the “T on the command prompt as well, before any other options:

 perl T d foo.cgi 

Q4:

Will Perl's data-tainting capabilities keep me from making stupid mistakes in my CGI programs? Are they guaranteed to be secure now?

A4:

No CGI program is completely secure. The data-tainting capabilities of Perl go a long way toward keeping you from making silly mistakes, but they do not guarantee secure programs.

 <  Day Day Up  >  


SAMS Teach Yourself Perl in 24 Hours
Sams Teach Yourself Perl in 24 Hours (3rd Edition)
ISBN: 0672327937
EAN: 2147483647
Year: 2005
Pages: 241

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net