On 12/14/06, Jacob Yocom-Piatt <[EMAIL PROTECTED]> wrote:
>This is a known problem with pdksh that the developers have stated
>they don't plan to change. `read' only updates the value of
>`testread' in the child shell process, not the parent.
>
>E.g., ``print "testing" | ( read testread; echo $testread )'' will
>work.
is there a ksh command that will print a variable, say $form_pw, with any
combination of "bad" characters (e.g. `,',",%,>,<,|) stored in it? this seems
like it would be a useful command since, AFAICT this issue is relatively common.
if no command exists, i can certainly write some C code to do it but would
rather see if it's doable using just ksh.
is there a list of all the characters you should escape/filter when writing
shell scripts?
You can use the ${varname} syntax (curly braces) to reference a
variable with special characters in the value.
If you're still on the CGI piece and want to filter out characters
from your input variables, you'll have to determine what those are
yourself, although ksh does support some advanced parameter editing
within the value of a variable. See ksh(1).
--
Darren Spruell
[EMAIL PROTECTED]
