On 13/07/07, MJ Ray mjr@phonecoop.coop wrote:
"Greg Thomas" Greg@TheThomasHome.co.uk wrote:
On 12/07/07, MJ Ray mjr@phonecoop.coop wrote:
+1 to the comment about using a framework, but if you want to do this directly, [...]
But don't do it. Frameworks help reduce (but not eliminate) security flaws. If you're using Perl, use CGI.pm to interact with the browser.
CGI.pm is barely a framework (I think things like Mason, Cake, Rails... are better examples)
True, bad phrasing of that bit on my behalf.
and it's debatable whether the described application would get a net security benefit from using 5% of a framework instead of a Keep It Simple and Stupid approach.
The OP discussed using environment variable to access CGI information. If you're at that raw level of programming, any toolkit or framework is going to make life easier for you. And easier means less flaws.
Greg