Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #11681
| From | Nobody <nobody@nowhere.com> |
|---|---|
| Subject | Re: CGI: Assign FieldStorage values to variables |
| Date | 2011-08-17 13:45 +0100 |
| Message-Id | <pan.2011.08.17.12.45.36.46000@nowhere.com> |
| Newsgroups | comp.lang.python |
| References | <92d066ff-d0ee-432f-b512-1f2fa01ba681@a12g2000yqi.googlegroups.com> |
| Organization | Zen Internet |
On Wed, 17 Aug 2011 02:06:31 -0700, Gnarlodious wrote:
> I get a construct like this:
>
> form=FieldStorage(None, None, [MiniFieldStorage('name1', 'Val1'),
> MiniFieldStorage('name2', 'Val2'), MiniFieldStorage('name3', 'Val3')])
>
> Now how would I assign every variable name* its value?
Don't do this. It will allow the user to set any variable they wish,
not just the ones you want them to, which is a major security flaw. PHP
had this as a language feature (controlled by the register_globals
directive), and it was rightly decried as a major security flaw.
Back to comp.lang.python | Previous | Next — Previous in thread | Find similar | Unroll thread
CGI: Assign FieldStorage values to variables Gnarlodious <gnarlodious@gmail.com> - 2011-08-17 02:06 -0700
Re: CGI: Assign FieldStorage values to variables Gnarlodious <gnarlodious@gmail.com> - 2011-08-17 02:19 -0700
Re: CGI: Assign FieldStorage values to variables Chris Angelico <rosuav@gmail.com> - 2011-08-17 10:41 +0100
Re: CGI: Assign FieldStorage values to variables Chris Rebert <clp2@rebertia.com> - 2011-08-17 09:23 -0700
Re: CGI: Assign FieldStorage values to variables Chris Angelico <rosuav@gmail.com> - 2011-08-17 10:25 +0100
Re: CGI: Assign FieldStorage values to variables Gnarlodious <gnarlodious@gmail.com> - 2011-08-17 20:52 -0700
Re: CGI: Assign FieldStorage values to variables Gnarlodious <gnarlodious@gmail.com> - 2011-08-17 02:20 -0700
Re: CGI: Assign FieldStorage values to variables Nobody <nobody@nowhere.com> - 2011-08-17 13:45 +0100
csiph-web