Hi Monks,
I have a question where I have a sub in my Perl code that does some checks on users input. Someone have updated my code to handle uninitialized values by adding an else at the end of the subroutine, I don't like the way it is done. Can some one tell me if this is a good way of doing it and if I should remove this code at the end and do the check another way.
I also think, if this is code for security, knowing that I have a possibility that could show a open door for problems having an else in there
Here is the code
sub cleanup
{
if ( $_[0] ) {
$_[0]=~s/<//g;
$_[0]=~s/>//g;
$_[0]=~s/;//g;
$_[0]=~s/\(//g;
$_[0]=~s/\)//g;
$_[0]=~s/\"//g;
$_[0]=~s/\'//g;
$_[0]=~s/\?//g;
$_[0]=~s/script//g;
$_[0]=~s/\///g;
$_[0]=~s/>//g;
$_[0]=~s/\*//g;
return $_[0];
} else { # I don't think this is the right way of doing it!
return '';
}
}
Thanks!
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.