Basic FORM Q (cgi/pl)
(this is more general Q than html or perl, so I posted it here)
I recently added a feedback form on my site. I put the perl script for it in the cgi/bin, and it's linked-to via a dozen different pages. It works fine, at least seems to, but since I'm not very hip about this aspect of online things (servers etc... I'm fine with HTML, CSS, etc) I had some basic concerns.
1/ I've read there are exploits to corrupt such files in cgi bins... so I used a script from Perlmongers (it's pretty big... 73K) which is supposed to be secure from such things. Are there simpler scripts that are OK to use... or not? Or is php a better way to go (something I know even LESS about... LOL).Primary question is, what is the worst case thing that could happen here. I'm well aware of the worst case scenarios in the e-mail protocol world. Since I need a password to access my web folders via my ftp program (including the cgi bin), is that enough "protection" or am I being paranoid? I'm most concerned about someone (surreptitiously) re-directing form requests to another e-address, or just dead-ending them or something.
2/ I'm also wondering about the ability of robots to harvest my e-mail addy from the html of the page my form is on. The perl script I used requires this (standard) hidden value in the html:
<input type=hidden name="recipient" value="email@example.com">
Thanks Bob... I'll look into getting a script that doesn't require that HTML-form tag on the form's page.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)