http://qs1969.pair.com?node_id=57959


in reply to Untainted done right!

You usually untaint by matching "nice" stuff and using $1:

if( $temp =~ m#([-\w./]*)# ) { # or if( $temp =~ m#^(/?(?:[-\w.]+/)*[-\w.]*)$# ) { $temp= $1; } else { die "Invalid input..."; }

The die may not be the proper way to fail, depending on your environment.

        - tye (but my friends call me "Tye")