Re: [CDBI] Class::DBI::Untaint

[prev] [thread] [next] [Date index for 2005/11/15]

From: Jay Hargreaves
Subject: Re: [CDBI] Class::DBI::Untaint
Date: 15:12 on 15 Nov 2005
Thanks again Peter - I'll have a look at overriding Class::DBI::Untaint 
as you suggest...

Peter Speltz wrote:
> On 11/15/05, Jay Hargreaves <jay@xxxxxxx.xxx> wrote:
> 
>>Hi all!
>>
>>I have a web application that is using Class::DBI::Untaint to verify a
>>URL is indeed a URL (CGI::Untaint::url).
>>
>>My problem is that the URL field is optional so sometimes the user will
>>not enter any information at all in this field. When they do this they
>>get the usual validate_column_values error!
>>
>>Is there some way to make the validation optional - ie - to check the
>>URL for validity ONLY if the user has entered a value?
>>
> 
> 
> This is one of the "bugs" (or "features")   i was referring to of a
> CGI::Untaint system.  You basically have 3 choices:
> 1) Override every untaint handler (CGI::Untaint::date/url/...) to
> allow and empty value.
>  2) Override Class::DBI::Untaint to use CGI::UntaintPatched which
> works as you want for all Untaint types.
> 3)  Override CGI::Untaint to do what you want.
> 
> There is some archived discussion of this.
> 

        -- 
        bingo, bango, bosh...

_______________________________________________
ClassDBI mailing list
ClassDBI@xxxxx.xxxxxxxxxxxxxxxx.xxx
http://lists.digitalcraftsmen.net/mailman/listinfo/classdbi

[CDBI] Class::DBI::Untaint
Jay Hargreaves 10:58 on 15 Nov 2005

Re: [CDBI] Class::DBI::Untaint
Peter Speltz 11:48 on 15 Nov 2005

Re: [CDBI] Class::DBI::Untaint
Jay Hargreaves 15:12 on 15 Nov 2005

Generated at 21:49 on 21 Nov 2005 by mariachi v0.52