From aaron.trevena at gmail.com Wed Jun 1 22:44:05 2011 From: aaron.trevena at gmail.com (Aaron Trevena) Date: Thu, 2 Jun 2011 06:44:05 +0100 Subject: [DCPM] [Job] Perl / Python Developer for Cornwall-based Scrum Team In-Reply-To: References: Message-ID: On 1 April 2011 15:42, Aaron Trevena wrote: > Craig has posted a job ad for a Perl / Python Developer at > http://jobs.perl.org/job/13932 it will be based at the new Pool > Innovation Centre . > > It's not often you see this kind of role locally so I thought it worth > posting here. The senior perl developer role is still available and we're interviewing now, details are at http://jobs.perl.org/job/13932. The office is in the shiny new Pool Innovation Centre and we're a scrum-tastic team. Cheers, A. -- Aaron J Trevena, BSc Hons http://www.aarontrevena.co.uk LAMP System Integration, Development and Consulting From simon at technocool.net Sat Jun 11 22:17:57 2011 From: simon at technocool.net (Simon Waters) Date: Sun, 12 Jun 2011 06:17:57 +0100 Subject: [DCPM] CGI::FormBuilder and Taint Message-ID: <4DF44C05.8030704@technocool.net> Wrote a little CGI wrapper script for wkhtmltopdf. Found that the CGI::FormBuilder validation doesn't seem to untaint data it has validated. Am I missing something here, as this would seem a natural thing to do in the validation step? Also having to manually declare things that are a select should have the values associated with the select seems redundant. i.e. if "Gender" options are "Male"/"Female"/"Don't Know" then you have to tell it this to generate the select and also repeat yourself in the validate (I can imagine cases where you don't want this, but they could be done with a flag that says "allow write-ins"). My instinct is the whole thing could be made more comprehensive, but presumably folks didn't want to do that this way. On the other hand I hadn't used it before, and it seems to do the job nicely. From aaron.trevena at gmail.com Sun Jun 12 12:40:02 2011 From: aaron.trevena at gmail.com (Aaron Trevena) Date: Sun, 12 Jun 2011 20:40:02 +0100 Subject: [DCPM] CGI::FormBuilder and Taint In-Reply-To: <4DF44C05.8030704@technocool.net> References: <4DF44C05.8030704@technocool.net> Message-ID: On 12 June 2011 06:17, Simon Waters wrote: > Wrote a little CGI wrapper script for wkhtmltopdf. > > Found that the CGI::FormBuilder validation doesn't seem to untaint data > it has validated. I can't remember the last time I ran perl in Taint mode.. modern good practise renders it moot. > Am I missing something here, as this would seem a natural thing to do in > the validation step? Few people still use it outside 90s style CGI scripts IME. > My instinct is the whole thing could be made more comprehensive, but > presumably folks didn't want to do that this way. On the other hand I > hadn't used it before, and it seems to do the job nicely. Have you looked at other form handling modules on CPAN? I rather like Data::FormValidator, although the newer nicer alternative to that is http://search.cpan.org/perldoc?Data::Verifier, you might also like Spark::Form which seems quite nice - but I haven't used it yet. A -- Aaron J Trevena, BSc Hons http://www.aarontrevena.co.uk LAMP System Integration, Development and Consulting From aaron.trevena at gmail.com Wed Jun 29 13:44:54 2011 From: aaron.trevena at gmail.com (Aaron Trevena) Date: Wed, 29 Jun 2011 21:44:54 +0100 Subject: [DCPM] Yet more perl jobs in cornwall Message-ID: Hi all, My rather cool/funky/nice employers (http://www.headforwards.com) are recruiting 5 more perl developers.. possibly looking at cross-training from PHP, JSP or python for 1 or 2 junior roles, as well as wanting 3 or 4 intermediate and senior perl developers .. full details should be at http://jobs.perl.org/ in a few days.. or poke/follow @headforwards on twitter. Development is on a LAMPPP (Linux, Apache, Postgres, Mysql, Perl, Python) platform/stack for blue chip clients, in our shiny new office at the Pool Innovation Centre in Pool (and yes the superfast broadband lives up to it's name). Sorry for the teaser.. waiting for full job spec to go up on websites.. I'm mostly rather impressed that we're able to grow a LAMP development team in cornwall working for big european/international clients A. -- Aaron J Trevena, BSc Hons http://www.aarontrevena.co.uk LAMP System Integration, Development and Consulting