Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

Re: taint check that I thought worked

by welchavw (Pilgrim)
on Feb 02, 2004 at 17:04 UTC ( #325912=note: print w/replies, xml ) Need Help??

in reply to taint check that I thought worked

I think you want \Z, not \z. Also, you want {1,16}, not {1-16}.


Replies are listed 'Best First'.
Re: Re: taint check that I thought worked
by ysth (Canon) on Feb 02, 2004 at 17:18 UTC
    \Z (upper-case) matches either at the end of the string or just before a newline at the end of the string (just like $ normally does; but $'s behaviour changes with the /m flag, \Z always stays the same).

    \z (lower-case) matches only at the end of the string, and is probably what he (assuming for the moment that "punk" implies "male") wants.

      In this case, I belive that \z and \Z would be equivalent, as \W chars (including \n's) are stripped just before the matching. Am I right?

        Yes; I had missed that part. So the function boils down to:
        print "failure" and return 1 if contains _ or more than 16 alphanumeri +cs otherwise return alphanumerics.
        I suspect the _ and return 1 parts are unintentional, and the function would be better as:
        sub untaint_username { my $tainted = shift; # remove non-alphanumerics $tainted =~ y/a-zA-Z0-9//cd; # or s/[\W_]//g # must be 1-16 characters return "$1" if $tainted =~ /\A(.{1,16})\z/; print "failure\n"; return; }

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://325912]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (7)
As of 2017-10-18 22:23 GMT
Find Nodes?
    Voting Booth?
    My fridge is mostly full of:

    Results (251 votes). Check out past polls.