[Maypole] [PATCH] default local untaint handlers

From: Jim Blomo (jim at rescomp.berkeley.edu)
Date: Tue Aug 17 2004 - 07:56:48 BST


This patch gets Maypole to recognize any local extraction handlers you
have written for your application. For example, you could now do

package BeerDB::CGI::Untaint::color;
sub _untaint_re { qr/^([a-z])$/ }
sub is_valid {
    my $color = shift->value;
    for (qw(gold white brown black red)) {
        return 1 if $_ eq $color;
    }
}

Then start using this handler for a 'color' column on the beer table
just like you do for printable, integer, etc.

Jim

--- Apache-MVC/lib/Maypole/Model/CDBI.pm Mon Jun 21 06:30:51 2004
+++ CDBI.pm Mon Aug 16 23:40:39 2004
@@ -31,7 +31,7 @@
 
 sub do_edit :Exported {
     my ($self, $r) = @_;
- my $h = CGI::Untaint->new(%{$r->{params}});
+ my $h = CGI::Untaint->new({ INCLUDE_PATH => ref $r}, %{$r->{params}});
     my $creating = 0;
     my ($obj) = @{$r->objects || []};
     if ($obj) {

_______________________________________________
maypole mailing list
maypole at lists.netthink.co.uk
http://lists.netthink.co.uk/listinfo/maypole



This archive was generated by hypermail 2.1.3 : Thu Feb 24 2005 - 22:25:56 GMT