What is the safest method to receive form input to a cgi script? Could someone please post the code? I've seen lots of different routines in other's scripts, so I am not sure which ones to use, and some of my obsolete scripts have huge security holes in them (which I think is from the form handling routine, plus two of my scripts used cgi-lib.pl...anyway) So...TIA :)

J

There are only 2 ways to deliver form input... POST or GET. If you dont want the user to see what he/she typed, use POST. You can find the code to parse a POSTed form in almost any beginning PERL tutorial.

There is no "secret" way in my knowledge to otherwise transmit form data... if you POST under a secure connection...that should be good enough...

(What are the security risks you found? - If you want to pass on the form data to another form, you will have to use hidden variables which are clearly visible from the html page's source... but thats all I can think of... :))