#!/usr/bin/perl

use strict;
use warnings;
use Tk;
$| = 1;

my $search_pattern = '';

my $mw = MainWindow->new;
$mw->geometry( '+700+300' );
my $search = $mw->Entry (-width => 20, -textvariable => \$search_patte
+rn)->pack;
$search->bind('<KeyPress-Return>', \&search);
$search->focus;
$mw->Button(-text => 'Clear', -command => sub {$search_pattern = ''})-
+>pack;
$mw->Button(-text => 'Exit', -command => sub {$mw->destroy})->pack;

MainLoop;

sub search
  {
  my ($string );
  print "Pattern entered into Search-box is:  $search_pattern\n   ";
  use Data::Dump 'dd'; dd 'got', [ $search_pattern ];
  ## CHECK $search_pattern and untaint:
  if( $search_pattern =~ /^([\w\s\-\:\_\d]+)$/ )
    {  ## make sure it only contains \w, '-' , ':' , '_' , and digits
    $string = $1; ## DON'T forget 's -- space between prog and $arg
    print "\$string is untainted; \$string = $string \n ";
    }
  else
    {
    print "OOPS! data is tainted or empty. TRY AGAIN...\n  ";
    }
  }

[download]

In reply to Re: Stopping bad input (harder than sanitizing) by tybalt89
in thread Stopping bad input (harder than sanitizing) by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.