Paul Morris wrote: > > Hi all Hello,
> I found this at: > > http://www.suse.com/us/private/support/howto/secprog/secprog8.html > > ...but am having difficulty working it out, because it doesn't seem to > do what I think it should (and "I" may be the problem!). No, in this case it is probably not you. > To quote: > -------------------- > The best solution is to select a filter for Perl, just like for shell, > which only accepts authorized characters. > > unless($userinput =~ tr/[EMAIL PROTECTED]//) The range A-z is wrong, it should be A-Z. Also the characters '[' and ']' are probably there in error, the correct expression should be "$userinput =~ tr/a-zA-Z0-9@//". > { > print "Nice try, pal!\n"; > exit(1); > } > -------------------- > > I know the tranliteration search string is duplicated as the replacement > string, and that the tr will return the number of changes made - it's > just that I can't see how, if the input string DOES contain valid > characters AND invalid characters, that the 'unless' will ever be entered. > > This is my implementation of the above: > --------------- > use strict; > $inputString = "&[EMAIL PROTECTED]"; > print $inputString; > print "\n"; > unless ($inputString =~ tr/[EMAIL PROTECTED]//){ > print "Gotcha!"; > } > print $inputString; > --------------- > > Despite having NO characters replaced, the condition is not entered... > > Any thoughts? You have to test for the characters that you don't want instead of the characters you do want. use strict; my $inputString = '&[EMAIL PROTECTED]'; print "$inputString\n"; if ( $inputString =~ tr/a-zA-Z0-9@//c ) { print "Gotcha!\n"; } print "$inputString\n"; John -- use Perl; program fulfillment -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
