Gossamer Forum: General: Perl Programming: QPoll 3.1 by Taro Sato

Jan 7, 2003, 2:39 PM

Curt

User (91 posts)

Jan 7, 2003, 2:39 PM

Post #1 of 9

Shortcut

QPoll 3.1 by Taro Sato

Does anyone know if Taro Sato's "QPoll" is still being updated? I have QPoll 3.1 from 2000 and when I go to the last URL I have for QPoll it is missing.

The last URL I can find is http://ethereal.virtualave.net/soft/qpoll/home.html

QPoll 3.1 was great. It is the best free polling/survey script I know about. Anyone else know of a great script?

Also, does anyone know anything about what happened to Taro Sato's QPoll script?

Jan 7, 2003, 3:51 PM

Paul

Veteran (19537 posts)

Jan 7, 2003, 3:51 PM

Post #2 of 9

Shortcut

Re: [Curt] QPoll 3.1 by Taro Sato In reply to

Just found this hehe...

http://daveola.com/Pages/Bugs/qpoll.html

Judging by the type of bug, the script sounds like it's not the greatest coded script :)

The best place to look for alternatives is hotscripts.com

Last edited by:

Paul: Jan 7, 2003, 3:51 PM

Jan 7, 2003, 8:22 PM

Curt

User (91 posts)

Jan 7, 2003, 8:22 PM

Post #3 of 9

Shortcut

Re: [Paul] QPoll 3.1 by Taro Sato In reply to

In Reply To:

Paul,

I saw that too and that's why I want to know about an update. If you read down in the thread in the above link Sato talks about rewriting the code to fix the security bug.

That is why I am hoping someone knows what has happened with the script. It functions great and is a good poll/survey script.

Jan 8, 2003, 9:35 AM

webmaster33

Veteran (2312 posts)

Jan 8, 2003, 9:35 AM

Post #4 of 9

Shortcut

Re: [Paul] QPoll 3.1 by Taro Sato In reply to

Likely, when Curt says "best free polling/survey script", he does not think about the coding of the script, or the security holes, but about the features & ease of use.
If all people would matter the security holes, nobody would use Windows Wink

.
But of course Paul, I aggree, you are right, it's better not to use a script which has known security hole...

Best regards,
Webmaster33

Paid Support from Webmaster33. Expert in Perl programming & Gossamer Threads applications. (click here for prices)
Webmaster33's products (upd.2004.09.26) | Private message | Contact me | Was my post helpful? Donate my help...

Jan 9, 2003, 10:01 AM

Curt

User (91 posts)

Jan 9, 2003, 10:01 AM

Post #5 of 9

Shortcut

Re: [webmaster33] QPoll 3.1 by Taro Sato In reply to

In Reply To:

.
But of course Paul, I aggree, you are right, it's better not to use a script which has known security hole...

You are exactly right Webmaster33. What I look for in a script is ease of use and features. I don't pretend to know enough about coding to do ANYTHING. If it were not for the GT Forum I would not have any scripts on my pages.

That being said, I do like to find a script that works well and adds unique content to my site. I try to think of the end user and their surfing experience. Now, if I know of a security hole I will try to find experts who can plug the hole, but, unfortunatley if I had to be a guru who could see bugs, security issues, and poorly written code I would have to abbandon ALL scripts 'cause I just don't have the skill set required (yet).

That is what is so cool about having people like Paul and you to help me via this forum.

Resolving this security hole is what started this whole thread in the first place.

By the way, after a second reading of the README.txt for this script I saw that Sato thanked "David Ljung Madison" for pointing out a security hole and helping to fix it. So it is fixed.

However, the script's author is still missing. You can find a copy of QuickPoll 3.1 here:

http://MarginalHacks.com/#qPoll

Now, that leaves just the philosophical question, "Just how close to perfect must a script be to be useful?"

Any thoughts?

Jan 9, 2003, 10:08 AM

Paul

Veteran (19537 posts)

Jan 9, 2003, 10:08 AM

Post #6 of 9

Shortcut

Re: [Curt] QPoll 3.1 by Taro Sato In reply to

As a general, yet far from perfect rule, a script with "use strict;" at the top is more highly recommended than one without. If nothing else, it shows you that the coder has a fundamental knowledge of strict coding and as a result the code should be relatively clean.

Of course there can still be security holes, but there is certainly a lesser chance.

If you don't feel you know enough yet to analyse the potential security risks of a script then just look for strict coding as a starting point. All of the best scripts available use strict.

Last edited by:

Paul: Jan 9, 2003, 10:09 AM

Jan 10, 2003, 1:21 AM

webmaster33

Veteran (2312 posts)

Jan 10, 2003, 1:21 AM

Post #7 of 9

Shortcut

Re: [Curt] QPoll 3.1 by Taro Sato In reply to

Earlier, I was also looking for a good FREE Poll/Vote script. I tested over 10 free poll scripts, but very few of them had the minimum funtionalities I was looking for.

Following scripts got + of possible +++++ (so are not bad, but still not enough good):
+poll - by Greg Billock (no more info about)
+Survey V1.3 - http://www.cgi-factory.com
+vote.cgi v2.0 - by Michael Hall

These got ++ of possible +++++ (got ++, because features are close to what I did need, but still not enough good):
++Poll It v2.05 - http://www.cgi-world.com/pollit.html (they also have very good commercial poll scripts, based on this free one)
++EventHandler Free Edition v3.3 - http://www.event-handler.com/
++QPoll 3.1SR-2

Most of them even don't use correct file locking, just an emulated one, using a file or dir creation...
I think we can NOT find any of them, which use strict... Tongue

So the solution (as Paul would say), do not use free poll scripts. Wink

Just thought to share my experience with you about polls. It was a few years ago, so new scripts may appeared since that time...

After all the mentioned tests, I acknowledged, that I have to write my own poll to get the required features.
However I had not enough time to start the development, there were always higher priority tasks.

You can also check poll scripts here:
http://www.cgi-resources.com/...l/Survey_and_Voting/
(if you find something really cool, let me know Cool