FAQ

On Friday 27 May 2011 15:51:21 Agnello George wrote:
On Fri, May 27, 2011 at 6:05 PM, Shlomi Fish wrote:
On Friday 27 May 2011 13:48:21 Agnello George wrote:
Hi


is there a way i can display on my browser with a new-line or <br/>
First of all, make sure you avoid HTML-injection/cross-site-scripting
(XSS) attacks:

http://community.livejournal.com/shlomif_tech/35301.html

Then you can use something like:
$s =~ s{\n}{<br />}g;
awesome!! it works

i had to do some thing like this !!

my $select_dom0_data = $DBH->selectall_hashref("select
dom0_name,cpu,lvm,ram,ip,application,assigned_to from dom0_info where
dom0_name='$dom0_server' and rid=$rack_n",'dom0_name' );
This interpolation of string variables into an SQL statement is an SQL
injection attack waiting to happen:

* http://en.wikipedia.org/wiki/SQL_injection

* http://community.livejournal.com/shlomif_tech/35301.html

* http://bobby-tables.com/

Please avoid it by using placeholders.
$select_dom0_data->{$dom0_server}{lvm} =~ s{\n}{<br />}g; ;
You probably should assign that to a temporary variable.

Regards,

Shlomi Fish

--
-----------------------------------------------------------------
Shlomi Fish http://www.shlomifish.org/
Best Introductory Programming Language - http://shlom.in/intro-lang

My Commodore 64 is suffering from slowness and insufficiency of memory, and
its
display device is grievously short of pixels. Can anybody help? -- Omer Zak

Please reply to list if it's a mailing list post - http://shlom.in/reply .

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 4 of 9 | next ›
Discussion Overview
groupbeginners @
categoriesperl
postedMay 27, '11 at 10:48a
activeMay 29, '11 at 6:34p
posts9
users3
websiteperl.org

People

Translate

site design / logo © 2021 Grokbase