User regexps

rkg has asked for the wisdom of the Perl Monks concerning the following question:

Hi.

I have an app that solicits regexps from users then uses them to filter data.

Here's a code snippet that greps objects from a list (here named @x) whose regexps match a predefined hunk of text (here named matchtext).

my @matches = map { $_->result} grep {
                             my $re = $_->regex; 
                                     $matchtext =~ /$re/i;
                                    } @x;
[download]

My two questions:

If the regexps come from users, will I have a taint problem? Can they do harm via matchtext =~ /$re/i;, or just cause errors? (This is all wrapped in an eval, so I catch badly formed regexps; I am worried about intentional or unintentional ill-effects beyond an error.) Would qr help with this? Or how about Safe?
How could a user specify a regexp meaning, "Any string that does not have the phrase 'foo' in it?" My natural approach would be $matchtext !~ /foo/ or ! ($matchtext =~ /foo/), but here I'm stuck inside the matchtext =~ /$re/i; construct... is there a decent way of saying "does not contain foo" inside a standard "match" m// regexp?

Thanks for your advice.

rkg

Hey, my 100th post! Whoop Whoop Whoop Whoop

Back to Seekers of Perl Wisdom