in reply to Re: Dangerous Characters for system calls
in thread Dangerous Characters for system calls

Perl has a built-in function for [A-Za-z_0-9]: quotemeta()

Replies are listed 'Best First'.
Re^3: Dangerous Characters for system calls
by Happy-the-monk (Canon) on Oct 16, 2013 at 10:50 UTC

    Perl has a built-in function for A-Za-z_0-9: quotemeta()

    Nearly there. Too bad, Anonymous Monk cannot fix his own typos. Correctly said and taken from perldoc -f quotemeta:

    quotemeta

    Returns the value of EXPR with all the ASCII non-"word" characters backslashed. (That is, all ASCII characters not matching "/[A-Za-z_0-9]/" will be preceded by a backslash in the returned string, regardless of any locale settings.) This is the internal function implementing the "\Q" escape in double-quoted strings. (See below for the behavior on non- ASCII code points.)

    ...

    Cheers, Sören

    Créateur des bugs mobiles - let loose once, run everywhere.
    (hooked on the Perl Programming language)

[reply]
[d/l]
Re^3: Dangerous Characters for system calls
by CountZero (Bishop) on Nov 06, 2013 at 20:18 UTC
    Not at all! That will escape "dangerous" characters for Perl but does not at all guarantee that the resulting string is safe (or will even work at all) for anything else but Perl.

    CountZero

    A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

    My blog: Imperial Deltronics
[reply]

In Section Seekers of Perl Wisdom