On 04/24/10 21:38, Chris Bennett wrote:
When I run this first time, with no values from form, I get
$article_file being a / when it should be nothing. I just can't see the
error. I have tried variations with \w and dash at beginning and end,
but no go.

Debug shows blank at A, / at B

#!/usr/bin/perl

$VERSION = 1.0.0;

use warnings;
no warnings 'uninitialized';
use strict;

#use Apache::Constants qw(:common);
use Apache::Request();
#use Apache::Cookie();
use MyPerl::Articulator qw(get_template print_template print_text
submit_changes backup_server see_html template_form load_template);

our $debug = 1;

delete $ENV{PATH};
my $r = Apache->request;
my $q = Apache::Request->new($r, POST_MAX => 1000000, DISABLE_UPLOADS =>
1);
my $site_url = "www.example.com";
my $site_directory = "/var/www/htdocs/users/example.com";
my $site_name = "Example!";
my $secure = 1;
my $article_directory = "articles";
undef my $error;
undef my $article_title;
undef my $article_backup_file;
undef my $article_file;
$article_file = $q->param("articlefilename");
if ($debug) { $error .= qq{<p>$article_file</p>};}
$article_file =~ m/^([a-zA-Z0-9_-]*\.html)$/;
$article_file = $1;
if ($debug) { $error .= qq{<p>$article_file</p>};}
$article_backup_file = $article_file;
$article_backup_file =~ s/\.html$/_backup.html/;
undef my $body;

Thanks
Chris Bennett


OK, as per suggestions and adding in another needed part for MultiViews:

my $error = '';
my $article_title ='';
undef my $article_backup_file;
undef my $article_file;
$article_file = $q->param("articlefilename") || '';
if ($debug) { $error .= qq{<p>A $article_file</p>};}
if ($article_file =~ /^([a-zA-Z0-9_-]+\.html.?\w?\w?)$/) {
        $article_file = $1;
} else {
        $article_file = '';
}
if ($debug) { $error .= qq{<p>B $article_file</p>};}
$article_backup_file = $article_file;
$article_backup_file =~ s/\.html$/_backup.html/;

Is there a better regex for .?\w?\w?

I want a . letter letter not . letter or just two letters etc.

This regex is to prevent read or write access to files up the directory tree or non html files. There is also a username password for any write access.

undef my $variable is not a common idiom but is seen in Programming Perl and other places. Is there any reason I should use my $variable = undef? More typing. :)

Why was I getting a / back? Is that an artifact from the perl internals?


Thanks

Reply via email to