Greetings,
Hello,
I have an externally supplied attachment filename which I need to untaint but still use. I'd like to replace any unsafe characters with underscores. This is what I've tried:
$attach_name =~ s/[^\w\s\-\.]/_/; $safe_attach_name = $1; However, this isn't populating $safe_attach_name with anything. What am I doing wrong?
I imagine you want to do it more than once so add the g... Plus you have no parens to capture anything to $1 and
use strict and warnings it will help you !!
my $safe = $attach_name; $safe =~ s/[^\w\s\-\.]/_/g;
What if someone has a pipe or backtick? maybe s/\W/_/g; do what you want more thouroughly (and readably)?
HTH
Lee.M - JupiterHost.Net
Thanks in advance, Damon
-- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
