MySQL Forums

Re: Check my code please... HTML form->Perl->mySQL db
Posted by: Rick James
Date: April 01, 2009 12:44AM

#!/usr/bin/perl   -- needs to be the very first line in the Perl script

$fname =~ s/<([^>]|\n)*>//g; --> 
$fname =~ s/<.*?>//gsm;    # simpler

else if ( isNaN( document.registration_form.zip.value ) )  -->
else if (document.registration_form.zip.value == "")   // it is a string
// probably want the is-a-number function

if ( valid == true )  -->
if (valid)

values("$fname","$lname","$address","$city","$state","$zip","$phone","$email")');
 -- escape them to avoid SQL-injection and '"' in input.

You could be a nice guy and trim leading and trailing white space off inputs before testing.

'sub' can occur after calling it.

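Added example, not part of the post above or of the original poster's script: one way to apply the trimming, tag-stripping and escaping advice together, using DBI placeholders so the driver does the quoting. The table name `registration`, the column names and the `REG_DSN`/`REG_USER`/`REG_PASS` environment variables are assumptions, and the form values are constructed sample input.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Field order matches the values(...) list quoted in the post.
# Column names are assumed to equal the variable names.
my @FIELDS = qw(fname lname address city state zip phone email);

# Strip tags (the post's simpler regex), then trim surrounding white space.
sub clean_field {
    my ($value) = @_;
    $value = '' unless defined $value;
    $value =~ s/<.*?>//gsm;
    $value =~ s/^\s+|\s+$//g;
    return $value;
}

# Insert one row with placeholders: values travel as bound parameters,
# so a ' or " in a name is stored as data instead of ending the SQL string.
sub insert_registration {
    my ($dbh, $form) = @_;
    my $sql = sprintf 'INSERT INTO registration (%s) VALUES (%s)',
        join(', ', @FIELDS), join(', ', ('?') x @FIELDS);
    my $sth = $dbh->prepare($sql);
    return $sth->execute(map { clean_field($form->{$_}) } @FIELDS);
}

# Constructed sample input (not from the original thread).
my %form = (
    fname => "  Pat <b>",   lname => q{O'Brien "Jr"}, address => '1 Main St',
    city  => 'Springfield', state => 'IL',            zip     => '62701',
    phone => '555-0100',    email => 'pat@example.com',
);

# Show what would be bound to each placeholder.
printf "%-8s [%s]\n", $_, clean_field($form{$_}) for @FIELDS;

# Assumed connection settings; the insert runs only when REG_DSN is set,
# e.g. REG_DSN="DBI:mysql:database=test;host=localhost".
if (my $dsn = $ENV{REG_DSN}) {
    require DBI;
    my $dbh = DBI->connect($dsn, $ENV{REG_USER}, $ENV{REG_PASS},
                           { RaiseError => 1, AutoCommit => 1 });
    insert_registration($dbh, \%form);
    $dbh->disconnect;
}
```

Without `REG_DSN` the script only prints the cleaned values, so the trimming and tag stripping can be checked without a database.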

