We have our first iteration planning meeting done. As this project will have only one "iteration", we pretty much need to get it pretty darned close to perfect the first time so a lot of nit-picky questions were asked. Unfortunately, right before I left yesterday, I received another "critical" task regarding my other project ("yes, Ovid, we know that the POS is our first priority. So is this").
On the plus side, much of the conversion work to DBI should be done today and the iteration meeting revealed that much of what we need is already in place. This is still doable.
Update: Hoo boy. Getting my other work done will take longer than expected. I'm working on the code written by a programmer that we had to let go. We have a form whose data and a file attachment are being emailed. The programmer put the To: address in the form, so someone can easily munge it to anonymously send email anywhere (can you say "Spam" boys and girls?). To try and limit file size, here's what the programmer did:
It gets worse. The programmer didn't check to see if the open was successful, but didn't tell our admin about needing to save a file, so permissions weren't set on the directory and the open always fails silently, so preventing a denial of service by limiting file size has failed miserably.
Apparently, the programmer jumped through these hoops because $CGI::POST_MAX wasn't working: he set that value after reading all of the data, thus making it useless.
I don't feel so bad about my code, now