Re: Match number >= 0 and <1

I would only point out that 0.9999999999999999999999999999 + 0 = 1 in perl. Also leading whitespace will not make it through your regular expression. You might be better off with:

my ($untainted) = ($_num =~  /^(.*)$/);
if ($untainted >= 0 and $untainted < 1) {
    $num = $untainted + 0.0;
}
[download]

And here is a small test

for my $_num (0, 1, ".5", -0.5, 0.5, 9.00000999999, 0.0000099999999,
 "asdfads", "0.9999999999999999999999999999") {
    my $num;
    my ($untainted) = ($_num =~  /^(.*)$/);
    if ($untainted >= 0 and $untainted < 1) {
        $num = $untainted + 0.0;
    }
    print "$_num $untainted  $num\n";
}
[download]

If you don't want strings like 'asdfads' to be equal to 0 then you do need to use a smarter regular expression.

-- gam3
A picture is worth a thousand words, but takes 200K.

Comment on Re: Match number >= 0 and <1 Select or Download Code

Replies are listed 'Best First'.
Re^2: Match number >= 0 and <1 by ikegami (Patriarch) on Jul 29, 2005 at 14:53 UTC
Not so good: `Argument "asdfads" isn't numeric in numeric ge (>=) at !.pl line 5.` [download] Even worse, "asdfads" is falsly considered valid. (It gets converted to 0.)	[reply] [d/l]
Re^2: Match number >= 0 and <1 by Taulmarill (Deacon) on Jul 29, 2005 at 14:40 UTC
could you please give some value for $_num where `my ($untainted) = ($_num =~ /^(.*)$/);` has a different outcome than just `my $untainted = $_num`.	[reply]
Re^3: Match number >= 0 and <1 by blazar (Canon) on Jul 29, 2005 at 14:52 UTC
It is my understandment that it will have just the same value, but it will be... ehm... untainted! Which is the point the OP was trying to make: first blindily untaint, then do your checks whatever way you like most, i.e. do not try to do it all in one regex. I second his approach, BTW!	[reply]
Re^3: Match number >= 0 and <1 by ikegami (Patriarch) on Jul 29, 2005 at 14:51 UTC
All of them. The regexp removes the taint flag.	[reply]
Re^2: Match number >= 0 and <1 by Codon (Friar) on Jul 29, 2005 at 17:01 UTC
If you are going to untaint in this method ("anything is good"), why bother with taint checks at all. Taint checks are there for a reason: Users can be evil. Ivan Heffner Sr. Software Engineer, DAS Lead WhitePages.com, Inc.	[reply]
Re^3: Match number >= 0 and <1 by gam3 (Curate) on Jul 29, 2005 at 17:55 UTC
Could you please show me a value for `$string` that causes `$num` to be other than a number (or some other side effect) for this code: `$num = $string + 0;`. -- gam3 A picture is worth a thousand words, but takes 200K.	[reply]
Re^3: Match number >= 0 and <1 by Anonymous Monk on Aug 01, 2005 at 14:01 UTC
If you are going to untaint in this method ("anything is good"), why bother with taint checks at all. Because in Perl, taintness is all or nothing. If you turn it on for a Perl program, anything coming from the outside is marked tainted - even data coming from untrusted sources, or data that you are going to use in a way that will be safe regardless what it contains. But if you to turn on taint checking because there's one untrusted source, of which you'll be using some data in a potentially insecure way, you have all your data mark tainted. Ah, if only Perl had a way to mark data from specific sources to be tainted. `sysopen my $handle, "untrusted_file", O_RDONLY \| O_TAINTED or die;` [download]	[reply] [d/l]