I screwed up with the regex, but I still maintain the assertion that you should check for the valid characters in a string. The class of invalid input is infinitely greater than that of valid input. If you check for invalid input and you forget something, you potentially open a security hole. If you check for valid input and forget something, that's inconvenient, but not potentially dangerous.

In this case, I got the double negation wrong, which is stupid. Also, the input set is very small, so easy to get right. In more complex cases the chance of forgetting something that is not allowed is much greater than forgetting something that is allowed. And in the latter case, it's merely inconvenient, and not dangerous.

Arjen
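An added example, not from the thread, illustrating the allow-list versus deny-list point above in Perl on a timestamp-like string; the helper names and the sample inputs are constructed for this illustration.

```perl
#!/usr/bin/perl
# Added example (not from the thread): allow-list vs deny-list character
# checks on a "YYYY-MM-DD HH:MM:SS" style value. Helper names are hypothetical.
use strict;
use warnings;

# Allow-list: accept only the characters such a value may contain.
# \A and \z anchor the whole string; a bare $ would still match before a
# trailing "\n", letting a newline through.
sub is_valid_timestamp_chars {
    my ($s) = @_;
    return $s =~ /\A[0-9: -]+\z/ ? 1 : 0;
}

# Same intent as a negated class with a negated match. It is only right if
# the class lists every allowed character, and the double negation is easy
# to get backwards; note it also accepts the empty string.
sub is_valid_by_negation {
    my ($s) = @_;
    return $s !~ /[^0-9: -]/ ? 1 : 0;
}

# Deny-list: reject the characters the author happened to think of.
# Anything forgotten (here: newline and '|') slips through unchecked.
sub is_valid_denylist {
    my ($s) = @_;
    return $s =~ /[;&\$<>]/ ? 0 : 1;
}

# Constructed sample inputs.
my @inputs = (
    "2024-05-01 12:34:56",       # legitimate value
    "2024-05-01 12:34:56\n",     # trailing newline
    "2024-05-01 12:34:56|x",     # a character the deny-list forgot
);
for my $in (@inputs) {
    (my $shown = $in) =~ s/\n/\\n/g;
    printf "%-26s allow=%d negated=%d deny=%d\n", qq("$shown"),
        is_valid_timestamp_chars($in), is_valid_by_negation($in),
        is_valid_denylist($in);
}
```

Only the first input passes the allow-list check, while the deny-list accepts all three.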


In reply to Re: Re: Re: scalar localtime() to timestamp by Aragorn
in thread scalar localtime() to timestamp by jonnyfolk
