[ALUG] Creating Customer Login facility on a website

Greg Thomas Greg at TheThomasHome.co.uk
Fri Jul 13 17:06:55 BST 2007


On 13/07/07, MJ Ray <mjr at phonecoop.coop> wrote:
> "Greg Thomas" <Greg at TheThomasHome.co.uk> wrote:
> > On 12/07/07, MJ Ray <mjr at phonecoop.coop> wrote:
> > > +1 to the comment about using a framework, but if you want to do this
> > > directly, [...]
> > But don't do it. Frameworks help reduce (but not eliminate) security
> > flaws. If you're using Perl, use CGI.pm to interact with the browser.
>
> CGI.pm is barely a framework (I think things like Mason, Cake,
> Rails... are better examples)

True, bad phrasing of that bit on my behalf.

> and it's debatable whether the described
> application would get a net security benefit from using 5% of a
> framework instead of a Keep It Simple and Stupid approach.

The OP discussed using environment variables to access CGI information.
If you're at that raw level of programming, any toolkit or framework
is going to make life easier for you. And easier means fewer flaws.

Greg


