| CGI::Untaint::Maypole - Use instead of CGI::Untaint. Based on CGI::Untaint |
CGI::Untaint::Maypole - Use instead of CGI::Untaint. Based on CGI::Untaint
use CGI::Untaint::Maypole; my $h = CGI::Untaint::Maypole->new($params); $value = $h->extract(-as_printable => 'name);
if ($h->error =~ /No input for/) {
# caught empty input now handle it
....
}
if ($h->raw_data->{$field} eq $object->$field) {
# Raw data same as database data. Perhaps we should not update field
...
}
This patches some issues I have with CGI::Untaint. You still need it installed and you install handlers the same.
1) Instead of passing the empty string to the untaint handlers and relying on them to handle it to everyone's liking, it seems better to have CGI::Untaint just say ``No input for field'' if the field is blank.
2) It adds the method raw_data to the get back the parameters the handler
was created with.
Returns the parameters the handler was created with as a hashref
None known yet.
the perlsec manpage. the CGI::Untaint manpage.
Peter Speltz.
Please direct all correspondence regarding this module to: bug-Maypole@rt.cpan.org
Copyright (C) 2006 Peter Speltz. All rights reserved.
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
| CGI::Untaint::Maypole - Use instead of CGI::Untaint. Based on CGI::Untaint |