http://www.perlmonks.org?node_id=1174963

Dallaylaen has asked for the wisdom of the Perl Monks concerning the following question:

Hello dear esteemed monks,

I'm working on a toy web framework. One of its key features is that fetching user input, like cookies and parameters, requires regexp-based validation.

The API is as follows:

my $request = shift; my $foo = $request->param( foo => '\d+' );

This would only return a value when the WHOLE foo parameter matches regexp (one or more digits in this case), empty string* (or a sane default provided as optional third argument) otherwise.

For now, this API deliberately ignores multi-valued query parameters, only using the LAST value. The time has come to fill this gaping hole.

I'm thinking of the following method:

my $request = shift; $request->param_arrayref( bar => '\d+' );

Note that we don't rely on calling context, but require an explicit statement ("list expected!") instead.

One thing I'm confused about is what I should do if the value passed by user contains both matching and non-matching values. Filter out matching ones? Return empty array? Return undef (and possibly break someone's code in runtime)? Croak is not a variant - this is left for the user.

I'm leaning towards the second options (a missing array is MUCH easier to debug than a missing element in the array). But may be there are other concerns? Or am I doing it wrong altogether? And btw, can arrayref be shortened to just array?

Last but not least, what could be the real-life usage examples of passing the same argument multiple times in a web form? I'd rather do some trial and error as well as write a meaningful example which I can click through with my browser.

Thank you,

*To be replaced with undef in next version.