diff options
| author | ivan <ivan> | 1999-08-23 12:26:37 +0000 |
|---|---|---|
| committer | ivan <ivan> | 1999-08-23 12:26:37 +0000 |
| commit | 60980ca92d257c48503c9fb7c9613a0aedd37978 (patch) | |
| tree | d2a916f1a695ebc86924a27ea5b81832c3796da7 | |
| parent | 15b530404a67b933230a80497f620b751fb5a6e1 (diff) | |
need to untaint the command line
| -rwxr-xr-x | test/cgi-test | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/test/cgi-test b/test/cgi-test index e88bfd750..5f2f07f97 100755 --- a/test/cgi-test +++ b/test/cgi-test @@ -1,6 +1,6 @@ #!/usr/bin/perl -Tw # -# $Id: cgi-test,v 1.1 1999-04-08 13:05:40 ivan Exp $ +# $Id: cgi-test,v 1.2 1999-08-23 12:26:37 ivan Exp $ # # This is the beginning of a test suite for the web interface. # It's also excellent for populating your database with some meaningful test @@ -12,7 +12,10 @@ # libwww-perl working with SSL to use this.) # # $Log: cgi-test,v $ -# Revision 1.1 1999-04-08 13:05:40 ivan +# Revision 1.2 1999-08-23 12:26:37 ivan +# need to untaint the command line +# +# Revision 1.1 1999/04/08 13:05:40 ivan # web interface tester / sample data creator # @@ -23,6 +26,10 @@ use CGI; use LWP::UserAgent; my ( $base_url, $username, $password ) = ( shift, shift, shift ); +#trust 'em +$base_url =~ /^(.*)$/; $base_url = $1; +$username =~ /^(.*)$/; $username = $1; +$password =~ /^(.*)$/; $password = $1; my @data = &big_ugly_data_structure; |