howdy,
I was fiddling with this recently hoping to get an improved version into view 1.3. there are different thoughts on 'decode-cgi should be a higher/lower level function my belief is it should be pretty dumb and just break strings up on a structural basis. but that leads to newby biting which is not good. so here are two functions: the first 'vet-word attempts to return as much of an input string! that can be formed into a valid rebol word! making char replacements as needed. the second is dumb but a robust decode-cgi that should handle all sorts of malformed query strings, which by default calls vet-word to filter out funny stuff but can be called with a /raw refinement to skip it if you feel you do not need the extra checks. "mind the wrap" vet-word: func[{return as much of a string is suitable to form a word assumes no chars below 31 20x} str[string!] /local valid invalid result token ][ invalid: make bitset! [#"@" #"#" #"$" #"%" #"^^" #"," #"[" #"]" #"(" #")" #"{" #"}" #"^"" #":" #";" #"/" #" " #"^/"] valid: complement invalid result: make string! length? str number: [copy token [opt["+" | "-"][integer! opt ["." integer!]]|["." integer!]] (insert tail result join "number_" token) ] parse/all str[ opt number any[ opt [[some invalid] (insert tail result "!")] copy token [some valid] (insert tail result token) ] ] if empty? result[result: "!"] ; if the string had no valid chars return surprise if not equal? str result[print["IN-PUT " str newline "OUTPUT " result]]; debugging result ] ;;;---------------------------------------------------------------------------------------- decode-cgi: func [args [any-string!] /raw /local cgi-block name value mark here ][ all[empty? args return ""] structural: make bitset! "+&=%" non-struct: complement structural xchar: make bitset! {0123456789ABCDEFabcdef} safe-xchar: make bitset! {23456789ABCDEFabcdef} cgi-block: make block! 16 spc: [mark: #"+" (change :mark " ")] hex: [mark: #"%" 2 xchar (change/part :mark dehex copy/part :mark 3 3) :mark] safe-hex: [mark: #"%" [safe-xchar xchar (change/part :mark dehex copy/part :mark 3 3) :mark] | [2 xchar (change :mark "!" )] ] parse/all args [ opt "&" any[(name: copy "" value: copy "" here: copy "") copy name some [non-struct | spc | safe-hex] (all[not raw name: vet-word trim name] either none? here: find cgi-block to set-word! name[ insert/only tail cgi-block to set-word! name insert/only here: tail cgi-block none ][here: next here]) opt[#"=" opt[copy value some [non-struct | spc | hex] (either none? first here [change here value] [either not block? first here [poke here 1 to block! reduce[first here value]] [insert/only tail first here value] ] ) ] ] [ #"&" | end] ] ] cgi-block ] On Mon, 9 Feb 2004, Hallvard Ystad wrote: > > Hi > > I know some people say "garbage in - garbage out", but one can't always control what > comes into one's programs as input. Here's what came to one of mine: > > http://www.bbc.co.uk/cgi-perl/h2/h2.cgi?state=threads&board=cult.tamaraswift&&sort=T > > This crashes 'decode-cgi in /core 2.5.6: > >> decode-cgi "state=threads&board=cult.tamaraswift&&sort=T" > ** Script Error: Out of range or past end > ** Where: to-set-word > ** Near: to set-word! :value > >> > > I believe Andreas Bolka and/or Andrew Martin made a patch to 'decode-cgi some time > back, but can't seem to find it. Does anyone know whether the patch fixes this > problem? Or perhaps where I can find it? > > Thanks, > HY > > Prętera censeo Carthaginem esse delendam > > > -- > To unsubscribe from this list, just send an email to > [EMAIL PROTECTED] with unsubscribe as the subject. > -- To unsubscribe from this list, just send an email to [EMAIL PROTECTED] with unsubscribe as the subject.