Howdy all

I'm writing a script which will create a form, untaint submitted data and return error messages to the user when their input is not what was expected. It should then show them the form again, remembering the values which were good, but clearing the textfields it didn't like, as well as pointing the user to the fields which need to be filled in again. I am having no problem untainting or remembering the data, but am encountering a really weird bug when it comes to emptying the fields. I'm using self_url() to refer the script back to itself and hence remember the data that was good, and when the script encounters an input value that doesn't match what it was expecting, it pushes the name of that parameter into an array. When it has checked all the data, it iterates through the array passing each value to $query->delete($name_of_field) which should mean that all the fields the script didn't like come back blank next time round. However, the results are... interesting, to say the least. The parameters are being pushed into the array correctly, but only some of the fields are coming back clear (always the same ones each time and independent of what the fields should contain or the order in which they were pushed into the array). The script itself doesn't ever seem to think it is able to delete any of the values.

    #An example of the untainting code for a value not being deleted:
    if (param('house') =~ /^([\dA-Za-z '-]{1,20})$/ ) {
        $house = $1;
    }
    else {
        push @problem, "House name or number";
        push @delete, "house";
    }

    #And one that is:
    if (param('email1') =~ /^(([\w\.]{1,40})@([\w\.]{1,30}))$/ ) {
        $email = $1;
    }
    else {
        push @problem, "e-mail address";
        push @delete, "email1";
    }
    #I'm aware that this will disallow some valid e-mail addresses, but I'm not worrying about that for the moment

    #And the code that should delete all the invalid input:
    my $i;
    foreach $i (@delete) {
        $query->delete($i);
    }

I would really appreciate any suggestions as I've been banging my head against a brick wall with this all afternoon and it's probably something very easy that I'm overlooking :)
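
The validate, delete and redisplay flow described in the post, as an added example that is not part of the original post. It assumes CGI.pm's object interface is used for every step, a hypothetical %rules table, and a constructed sample submission; the two patterns are the ones quoted above (with the @ escaped).

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI;

# Constructed sample submission (not from the post): 'house' is acceptable,
# 'email1' is not. A hashref initialises the object without a live request.
my $query = CGI->new({ house => "12 O'Brien", email1 => 'not an address' });

# Hypothetical rules table: field name => [ label for the user, anchored
# allow-list pattern whose first capture group is the accepted value ].
my %rules = (
    house  => [ 'House name or number', qr/^([\dA-Za-z '-]{1,20})$/ ],
    email1 => [ 'e-mail address',       qr/^(([\w\.]{1,40})\@([\w\.]{1,30}))$/ ],
);

my (%clean, @problem);
for my $field (sort keys %rules) {
    my ($label, $pattern) = @{ $rules{$field} };
    my $value = $query->param($field);    # scalar context: a single value
    if (defined $value && $value =~ $pattern) {
        $clean{$field} = $1;              # the captured copy is the untainted one
    }
    else {
        push @problem, $label;
        # Delete on the same object that later builds the form and the URL,
        # so the rejected input is not echoed back to the browser.
        $query->delete($field);
    }
}

print "Please re-enter: ", join(', ', @problem), "\n" if @problem;

# Only parameters still held by $query are carried forward.
print "Retained state: ", $query->query_string, "\n";

# Sticky fields are filled from $query: 'house' keeps its value,
# 'email1' is rendered empty.
for my $field (sort keys %rules) {
    print $query->textfield(-name => $field), "\n";
}
```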


In reply to Deleting submitted values from and HTML form by Nevtlathiel
