Thanks for the suggestions. Indeed, specifying a list of chars which
is clean (e.g. [a-zA-Z0-9_] for a username in English) is optimum, and
I prefer that. But when you are working with fully multilingual
material, this becomes pretty much impossible. As the site in question
is all about language learning and could eventually handle any
language, that is the issue.

Rejecting some of the suspicious chars you suggest is something I will
do - but even that is not foolproof as there are various ways (more
than one, IIRC, but I'm not sure what they all are) of using escape
sequences to get through.

Of the list you suggest, I'd need to keep (, ), ? - all the rest I
could kill quite happily.

Again, thanks for the input. I'm going to forward this to the
DBIx::Class list (as that is probably where it should have gone in the
first place).

Search Discussions

Discussion Posts


Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 5 of 9 | next ›
Discussion Overview
groupcatalyst @
categoriescatalyst, perl
postedJun 5, '08 at 7:05p
activeJun 8, '08 at 10:17a



site design / logo © 2021 Grokbase