taint problem 2

on 10.02.2005 11:46:28 by Obantec Support

Hi

Using the code I found in Programming Perl

$keycode =~/([\w-. ]+)/;#untaint a tainted user input
my $code = $1;

My error logs show

False [] range "\w-" before HERE mark in regex m/^([\w- << HERE !_]+).*/

for the line $keycode =~/([\w-. ]+)/

The only Google ref I found was for ipchains, but I'm not using that in this app.

Mark

Re: taint problem 2

on 10.02.2005 12:28:24 by Gunnar Hjalmarsson

Obantec Support wrote:
> Using the code I found in Programming Perl
>
> $keycode =~/([\w-. ]+)/;#untaint a tainted user input
> my $code = $1;

Where in "Programming Perl" did you find that code?

> my error logs show
>
> False [] range "\w-" before HERE mark in regex m/^([\w- << HERE !_]+).*/
>
> for the line $keycode =~/([\w-. ]+)/

Let the dash be the first (or last) char within brackets:

[-\w. ]

(or else Perl thinks it's a range).

--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl
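
Added example, not part of the original thread: a stand-alone untaint check built on the corrected character class `[-\w. ]` from the reply above. The helper name `untaint_keycode` and the sample inputs are assumptions made for illustration. It also tests that the match succeeded before using `$1` and anchors the pattern, two things the posted snippet does not do.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper (not from the thread): returns the untainted value
# when the whole input consists of allowed characters, otherwise undef.
sub untaint_keycode {
    my ($input) = @_;
    return unless defined $input;

    # The dash comes first in the class, so it is a literal dash and not
    # a range operator. \A and \z force the entire string to match;
    # an unanchored pattern would quietly pick out the first run of
    # allowed characters and discard the rest. \z (unlike $) also
    # refuses a trailing newline.
    if ($input =~ /\A([-\w. ]+)\z/) {
        return $1;    # a captured substring is untainted under perl -T
    }

    # No match: return nothing instead of reading $1, which would still
    # hold whatever an earlier successful match left in it.
    return;
}

# Constructed sample inputs.
my @samples = ('AB-12.x', 'key code_7', 'abc;rm', '', "ok\n");

for my $raw (@samples) {
    my $code = untaint_keycode($raw);
    (my $shown = $raw) =~ s/\n/\\n/g;    # make the newline visible
    printf "%-14s => %s\n", "'$shown'",
        defined $code ? "accepted '$code'" : 'rejected';
}
```

Only the first two samples are accepted; the others contain a character outside the class or are empty.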

Re: taint problem 2

on 10.02.2005 13:28:19 by Obantec Support

"Gunnar Hjalmarsson" wrote in message
news:370vnuF58k0jtU1@individual.net...
> Obantec Support wrote:
> > Using the code I found in Programming Perl
> >
> > $keycode =~/([\w-. ]+)/;#untaint a tainted user input
> > my $code = $1;
>
> Where in "Programming Perl" did you find that code?
>
> > my error logs show
> >
> > False [] range "\w-" before HERE mark in regex m/^([\w- << HERE !_]+).*/
> >
> > for the line $keycode =~/([\w-. ]+)/
>
> Let the dash be the first (or last) char within brackets:
>
> [-\w. ]
>
> (or else Perl thinks it's a range).
>
> --
> Gunnar Hjalmarsson
> Email: http://www.gunnar.cc/cgi-bin/contact.pl

My mistake, I did find similar code on page 562, but for some reason went
with some code I must have googled.

http://gunther.web66.com/FAQS/taintmode.html (your site?) has similar code.

Fixed using page 562 code.

Mark

Re: taint problem 2

on 10.02.2005 16:53:59 by Gunnar Hjalmarsson

Obantec Support wrote:
> Gunnar Hjalmarsson wrote:
>> Obantec Support wrote:
>>> Using the code I found in Programming Perl
>>>
>>> $keycode =~/([\w-. ]+)/;#untaint a tainted user input
>>> my $code = $1;
>>
>> Where in "Programming Perl" did you find that code?
>
> My mistake, I did find similar code on page 562, but for some reason went
> with some code I must have googled.
>
>> Let the dash be the first (or last) char within brackets:
>>
>> [-\w. ]
>>
>> (or else Perl thinks it's a range).
>
> http://gunther.web66.com/FAQS/taintmode.html (your site?) has similar code.

No, it's not my site. What made you ask that?

That site seems to be written by some wannabe Perl helper who tries to
explain taint mode with code that doesn't pass warnings!!

--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl