in reply to Re^3: Using Regexp Patterns as Variables
in thread Using Regexp Patterns as Variables

There's no "if". $ENV{REQUEST_URI} is controlled by remote users.

Even ignoring the evident trust issues, eval is simply not the right tool.

Replies are listed 'Best First'.
Re^5: Using Regexp Patterns as Variables
by Rodster001 (Pilgrim) on Mar 18, 2009 at 17:06 UTC
    Correct. However, since the regex patterns are stored in the DB, put there by trusted users, it is effectively the same as hard coding them (without having to). $ENV{REQUEST_URI} can be mucked with without any security issues (the replacement will just fail).
[reply]

In Section Seekers of Perl Wisdom