We're trying to find an open-source accounting package, preferably written in Perl, that we can integrate with some of our products. We have not been able to find any that seem to pass muster. I checked one today that, at first blush, looked like it might be acceptable. Then I started digging into the code and found many gems like the following.
# Untaint $db, $args and $columns.
$db =~ /(.*)/; $db = $1;
$args =~ /(.*)/; $args = $1;
$columns =~ /(.*)/; $columns = $1;
$stripheader =~ /(.*)/; $stripheader = $1;
my @entries = qx{ $ROW $args < $db $columns $stripheader };
