Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

Re: taint check that I thought worked

by welchavw (Pilgrim)
on Feb 02, 2004 at 17:04 UTC ( #325912=note: print w/ replies, xml ) Need Help??


in reply to taint check that I thought worked

I think you want \Z, not \z. Also, you want {1,16}, not {1-16}.

,welchavw


Comment on Re: taint check that I thought worked
Re: Re: taint check that I thought worked
by ysth (Canon) on Feb 02, 2004 at 17:18 UTC
    \Z (upper-case) matches either at the end of the string or just before a newline at the end of the string (just like $ normally does; but $'s behaviour changes with the /m flag, \Z always stays the same).

    \z (lower-case) matches only at the end of the string, and is probably what he (assuming for the moment that "punk" implies "male") wants.

      In this case, I belive that \z and \Z would be equivalent, as \W chars (including \n's) are stripped just before the matching. Am I right?

        Yes; I had missed that part. So the function boils down to:
        print "failure" and return 1 if contains _ or more than 16 alphanumeri +cs otherwise return alphanumerics.
        I suspect the _ and return 1 parts are unintentional, and the function would be better as:
        sub untaint_username { my $tainted = shift; # remove non-alphanumerics $tainted =~ y/a-zA-Z0-9//cd; # or s/[\W_]//g # must be 1-16 characters return "$1" if $tainted =~ /\A(.{1,16})\z/; print "failure\n"; return; }

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://325912]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (8)
As of 2014-07-10 07:54 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    When choosing user names for websites, I prefer to use:








    Results (202 votes), past polls