my @PERMIT_OPS = qw( :base_mem null stub pushmark const defined undef preinc i_preinc predec i_predec postinc i_postinc postdec i_postde +c int hex oct abs pow multiply i_multiply divide i_divide modulo i_modulo add i_add subtract i_subtract left_shift right_shift bit_and bit_xor bit_or negate i_negate not complement lt i_lt gt i_gt le i_le ge i_ge eq i_eq ne i_ne ncmp i_ncmp slt sgt sle sge seq sne scmp substr stringify length ord chr ucfirst lcfirst uc lc quotemeta trans chop schop chomp schomp match split list lslice reverse cond_expr flip flop andassign orassign and or xor lineseq scope enter leave setstate rv2cv leaveeval gvsv gv gelem padsv padav padhv padany refgen srefgen ref time sort pack unpack ) ; use Safe ; $safe = Safe->new('CODE::INJECTION') ; $safe->permit_only(@PERMIT_OPS) ; ## For regex insertion you should use: my $RE = $safe->reval('qr/<\w+.*?>/s'); if ( "bla <b>bold</b> bla" =~ /$RE/ ) { print "has tag\n" ;} my $RE_caption = $safe->reval('qr/(\d)/s'); my (@ret) = ( "a1 b2 c3" =~ /$RE_caption/g ); print "@ret\n" ; ## 1 2 3
I use it to enable confiuration files like that:
<SERVER> port => 80 extern => 1 listen => 5 name => "Some Server Name\n and a new line" </SERVER> <DOMAINS> localhost => c:\dev\www </DOMAINS> <MYSQL> DB1 => { user => 'foo' , pass => '123' , host => 'domain.foo' } <MYSQL>
Soo, the user can set Perl data structure as a entry (but need to be in one line), since I enable in the compartment the use of anonymous variables ({},[],"",'').
For what you want maybe you can unset some OP and make it more secure. Enjoy! ;-P
Graciliano M. P.
"Creativity is the expression of the liberty".
In reply to Re: User regexps
by gmpassos
in thread User regexps
by rkg
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |