"D. Bolliger" schreef:
> # input sanitizing
> #
> my $re_range=qr/\d+\s*\.\.\s*\d+/;
> $user_input=~/^\s*$re_range(?:\s*,\s*$re_range)*\s*$/
> or die 'invalid input!';
>
> my @list4=eval $user_input;
An embedded newline can fool that test.
You can make it much stricter,
by replacing the \s by [[:blank:]],
and the ending $ by \z.
$re_range = qr/ [[:blank:]]*
\d+
[[:blank:]]*
\.\.
[[:blank:]]*
\d+
[[:blank:]]*
/x ;
$re_input = qr/\A $re_range (?: , $re_range )* \z/x ;
--
Affijn, Ruud
"Gewoon is een tijger."
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
