Re: [CDBI] Class::DBI::Untaint

[prev] [thread] [next] [Date index for 2005/11/15]

From: Peter Speltz
Subject: Re: [CDBI] Class::DBI::Untaint
Date: 11:48 on 15 Nov 2005
On 11/15/05, Jay Hargreaves <jay@xxxxxxx.xxx> wrote:
> Hi all!
>
> I have a web application that is using Class::DBI::Untaint to verify a
> URL is indeed a URL (CGI::Untaint::url).
>
> My problem is that the URL field is optional so sometimes the user will
> not enter any information at all in this field. When they do this they
> get the usual validate_column_values error!
>
> Is there some way to make the validation optional - ie - to check the
> URL for validity ONLY if the user has entered a value?
>

This is one of the "bugs" (or "features")   i was referring to of a
CGI::Untaint system.  You basically have 3 choices:
1) Override every untaint handler (CGI::Untaint::date/url/...) to
allow and empty value.
 2) Override Class::DBI::Untaint to use CGI::UntaintPatched which
works as you want for all Untaint types.
3)  Override CGI::Untaint to do what you want.

There is some archived discussion of this.

_______________________________________________
ClassDBI mailing list
ClassDBI@xxxxx.xxxxxxxxxxxxxxxx.xxx
http://lists.digitalcraftsmen.net/mailman/listinfo/classdbi

[CDBI] Class::DBI::Untaint
Jay Hargreaves 10:58 on 15 Nov 2005

Re: [CDBI] Class::DBI::Untaint
Peter Speltz 11:48 on 15 Nov 2005

Re: [CDBI] Class::DBI::Untaint
Jay Hargreaves 15:12 on 15 Nov 2005

Generated at 21:49 on 21 Nov 2005 by mariachi v0.52