On Jan 9, 2013, at 11:26 AM, Andy Bach wrote:
> On Wed, Jan 9, 2013 at 10:11 AM, Bill Stephenson <bi...@ezinvoice.com>wrote:
>
>> date=11/01/2003
>>
>> I want to trap bad data sent to time::local in a loop where I use these
>> lines:
>>
>> my ($date_month, $date_day, $date_year) = split(/\//,
>> $DOCUMENT->param("date"));
>>
>> $date_year = ($date_year-1900);
>> $date_month = ($date_month-1);
>>
>> my $test_date = timelocal($sec, $min, $hours, $date_day,
>> $date_month, $date_year);
>>
>
> I'm allowing "01-01-2013" too
>
> my $date_str = $DOCUMENT->param("date");
> if ( $date_str and $date_str = m#(\d+)[/-](\d+)[/-](\d+)# ) {
> my ($date_month, $date_day, $date_year) = ($1, $2, $3);
> ...
>
> }
> else {
> warn("bad date: $date_str");
> }
>
> You should always parse user input to get exactly what you want (digits)
> and not use their input directly. You should probably check (if it's an
> text input and not a pick list, say) that you have a 4 digit year etc.
>
Thanks Andy,
I got something like this to work:
my $date;
my $test_date = '';
eval {
$test_date = timelocal($sec, $min, $hours, $date_day, $date_month,
$date_year);
};
if ($test_date eq '') {
next;
}
else {
$date = timelocal($sec, $min, $hours, $date_day, $date_month,
$date_year);
}
although I don't see a problem with using it like this, I'm not keen on using
"eval" in cgi scripts. Your solution avoids that nicely so I'll try it out.
Thanks again,
Bill
--
To unsubscribe, e-mail: beginners-unsubscr...@perl.org
For additional commands, e-mail: beginners-h...@perl.org
http://learn.perl.org/
