How does one control what a user enters in a text field whenI know two methods:
gathering information via a perl cgi script?Such as: 1) To filter the text to remove anything that could be
malicious (basically keeping a-z,A-Z,0-9, and standard punctuation
'.;:-' with quote marks; 2) And, to keep the length of the input to a
certain limit of characters.Are there standard routines for this? It seems like it would be a
common concern.
If you do (1.), nevertheless you should do (2.), because (1.) might
be
not so reliable.
(1.) is being described in
http://www.netzwelt.com/selfhtml/tedf.htm
-- The explanations are German, a dictionary might be useful to you;
but the code is JavaScript ;-) --
For (2.) you have to learn RegExs. Do you have sample scripts
to learn from?
You could try something like this:
############# Perl ############
#use CGI;
remove those #
#$q = new CGI;
#$name = $q{name}; ## if you have named it "name"
in your HTML-form
$\="\n";
$name = 'ABCD Jürgen Müller@provider.com ---';
## just for testing
$name =~ s/[^-\w.;:@]//g; ### leaves only a-z, A-Z, -.:;@
removes: space äöüÄÖÜ ß é
?! ()[] etc.
print $name;
#### or do it like this:
$name = 'ABCD Jürgen_Müller@provider.com ---';
## just for testing
$name =~ s/ü/ue/g;
### ü -> ue
$name =~ s/[^-\w.;:@]//g; ### leaves only a-z, A-Z, -.:;@
removes: space äöüÄÖÜ ß é
?! ()[] etc.
print $name;
__END__
############ End of Perl #############
Detlef Lindenthal <detlef@linddenthal.com>