Curtis,

What part of the code that you posted actually does the untainting?

>--- Mark Ross <[EMAIL PROTECTED]> wrote:
> > Hi all,
> >
> > I'm curious how I can condense this code. I'm pulling
> > my values from a Web submitted form (using CGI), and I
> > need to untaint them.
> >
> > But, each form field has different requirements for
> > what characters it can match (account number should
> > only be numbers, etc).
> >
> > I was wondering if there's a better way to go
> > through these all without duplicating so much code? I'd
> > be more than willing to give up the customized error
> > messages if I could reduce these down to one-liners.
>
>Here's one way to grab the data and untaint it in one line:
>
>    my ( $name ) = ( $q->param('name') =~ /^(\w+)$/ );
>
>Note the parentheses around *both sides* of the assignment.
>Also, you need the parentheses in the regular expression.
>$name will be undef if it does not untaint.
>
>Cheers,
>Curtis Poe
>
>=====
>Senior Programmer
>Onsite! Technology (http://www.onsitetech.com/)
>"Ovid" on http://www.perlmonks.org/
>
>--
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
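An added example, not part of the original thread: the list-context capture from the quoted one-liner, driven by a table of per-field patterns so that each form field does not need its own block of code. The field names, patterns and the untaint_fields helper are assumptions for illustration, and the %submitted hash is constructed sample input standing in for $q->param(...).

```perl
use strict;
use warnings;

# Constructed sample input standing in for $q->param(...) values.
my %submitted = (
    name    => 'Mark',
    account => '12345',
    email   => "bad value\n",
);

# Hypothetical per-field allow-list patterns. Each has exactly one capture
# group, and \A ... \z anchor the match to the entire string.
my %allowed = (
    name    => qr/\A(\w+)\z/,
    account => qr/\A(\d+)\z/,
    email   => qr/\A([\w.+-]+\@[\w.-]+)\z/,
);

# Returns a hashref of values that matched and an arrayref of the field
# names that did not. Under taint mode (perl -T), only the captured
# substring is untainted; the raw input is never copied into %clean.
sub untaint_fields {
    my ($input, $rules) = @_;
    my (%clean, @rejected);
    for my $field (sort keys %$rules) {
        my $raw = $input->{$field};
        # List-context match: yields the capture on success and an empty
        # list on failure, so $value stays undef for bad or missing input.
        my ($value) = defined($raw) ? ( $raw =~ $rules->{$field} ) : ();
        if (defined $value) { $clean{$field} = $value }
        else                { push @rejected, $field }
    }
    return (\%clean, \@rejected);
}

my ($clean, $rejected) = untaint_fields(\%submitted, \%allowed);
print "ok: $_=$clean->{$_}\n" for sort keys %$clean;
print "rejected: $_\n"        for @$rejected;
```

The rejected list is what a caller would turn into error messages; a pattern such as /(.*)/ would also untaint, but it validates nothing.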

