On Tuesday, May 14, 2002, at 06:57, Bill Akins wrote:

> How about something like this:
>
> if (($s_field >= 1) && ($s_field <= 10)) {
>     do something;
> }
> else {
>     do something else;
> }


the problem is that as long as $s_field is always numeric,
then there will be no 'issues' - but since of course we
are all using strict, and -w, and when appropriate -T,
to do the check for Tainting - because we are all going
to make the big bucks doing WebFoo - one has to make
sure that the WhineyNigglingHackers are not trying to
attack us with GARBAGE - so you have to assume that
the EVIL ONES have stuffed JUNK into $s_field - so
you need to check that it is numeric...

so you could do it with say

        
        # anchor both ends of the pattern so that input like "5abc" fails the match
        if ( $val =~ /^\d+$/ and $val > 0 and $val < 11 ) {
                print "and is OK Still\n";
        } else {
                print "and is Still BAD BAD BAd\n";
        }


since it will short circuit on the pattern match if
it were a string and not a numeric.

ciao
drieux
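
An added example, not part of the original message: a range check written as a reusable Perl helper that anchors the pattern at both ends and takes the value from a capture group, which is also what untaints it when the script runs under -T. The name `checked_range` and the sample inputs are assumptions constructed for illustration.

```perl
use strict;
use warnings;

# Hypothetical helper (not from the thread): returns the validated integer
# if $raw is a whole number in [$min, $max], otherwise returns nothing.
sub checked_range {
    my ($raw, $min, $max) = @_;
    return unless defined $raw;

    # \A ... \z anchors both ends; unlike $, \z does not allow a trailing
    # newline. [0-9] restricts the match to ASCII digits, and {1,9} bounds
    # the length so the numeric comparison never sees an oversized value.
    my ($n) = $raw =~ /\A([0-9]{1,9})\z/ or return;

    # $n came from a capture group, so under perl -T it is no longer tainted.
    return ($n >= $min && $n <= $max) ? $n + 0 : ();
}

# Constructed sample inputs, as a form field might deliver them.
for my $raw ('7', '10', '0', '11', '5abc', "5\n", '-3', '', ' 7', '1e1') {
    my $ok = checked_range($raw, 1, 10);
    (my $shown = $raw) =~ s/\n/\\n/g;
    printf "%-8s %s\n", "'$shown'", defined $ok ? "OK ($ok)" : 'rejected';
}
```

Only the returned value should be used afterwards; the original `$raw` stays tainted under -T.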
