rkg has asked for the wisdom of the Perl Monks concerning the following question:
Hi.
I have an app that solicits regexps from users then uses them to filter data.
Here's a code snippet that greps objects from a list (here named @x) whose regexps match a predefined hunk of text (here named matchtext).
My two questions:my @matches = map { $_->result} grep { my $re = $_->regex; $matchtext =~ /$re/i; } @x;
- If the regexps come from users, will I have a taint problem? Can they do harm via matchtext =~ /$re/i;, or just cause errors? (This is all wrapped in an eval, so I catch badly formed regexps; I am worried about intentional or unintentional ill-effects beyond an error.) Would qr help with this? Or how about Safe?
- How could a user specify a regexp meaning, "Any string that does not have the phrase 'foo' in it?" My natural approach would be $matchtext !~ /foo/ or ! ($matchtext =~ /foo/), but here I'm stuck inside the matchtext =~ /$re/i; construct... is there a decent way of saying "does not contain foo" inside a standard "match" m// regexp?
Hey, my 100th post! Whoop Whoop Whoop Whoop
Back to
Seekers of Perl Wisdom