As a non Perl geek I was giving my best guess ;)
Charles Daminato
Product Manager (ccTLDs)
Tucows Inc. - [EMAIL PROTECTED]
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Christopher Masto
> Sent: December 19, 2000 11:35 AM
> To: Charles Daminato; Jim Carey
> Cc: [EMAIL PROTECTED]
> Subject: Re: OT - encode '
>
>
> As a Perl geek, I am obligated to respond.
>
> On Tue, Dec 19, 2000 at 08:02:26AM -0500, Charles Daminato wrote:
> > Since ' and \ characters are 'recognized' in a regex, you have to escape
> > them in your stream:
> >
> > perl -pi.bak -e 's/\'/\\\'/g' file(s)
>
> That won't work - you'll confuse the shell. You could try:
>
> perl -pi.bak -e "s/'/\\\\'/g"
>
> or
>
> perl -pi.bak -e 's/'\''/\\'\''/g'
>
> both of which are very ugly. But I suspect he meant that he wanted
> to do it in a program, so he would just be writing:
>
> $whatever =~ s/(['\\])/\\$1/g;
>
> Then again, the guy didn't say what he meant by "escape". In SQL, for
> example, the correct "escape" for ' is ''. In addition, when someone
> asks a question like this, they're rarely asking the whole question.
> I bet he needs more than just to put backslashes in front of two
> characters. He may even be trying to sanitize user input before
> passing it to system() or something, in which case he hasn't read the
> documentation and will end up writing security holes no matter what we
> tell him.
>
> In addition, rather than reinventing the wheel, there's the Perl
> quotameta function, the HTML::Entities and URI::Escape modules, and
> the DBI module's "quote" method, depending on the circumstances.
> --
> Christopher Masto Senior Network Monkey NetMonger
> Communications
> [EMAIL PROTECTED] [EMAIL PROTECTED]
> http://www.netmonger.net
>
> Free yourself, free your machine, free the daemon --
http://www.freebsd.org/
