Cool/useful short examples of Perl?
'lesleyb'
lesleyb at herlug.org.uk
Mon May 30 14:27:25 BST 2011
On Mon, May 30, 2011 at 11:40:57AM +0100, Leo Lapworth wrote:
> Hi,
>
> I'm working on http://learn.perl.org/ and I'd like to have a few rotating
> examples of what can be done with Perl on the home page.
>
> The first two I've thought of are below, does anyone have others?
>
> They don't have to use CPAN modules, one liners are fine as long as it
> is simple to see what they do. I'll have a 'more' link which goes on to
> show full example with line by line explanations.
>
> Module preference is anything from http://search.cpan.org/dist/Task-Kensho/
>
> E.g.:
>
> This is probably max sort of size...
>
> # Send an email
> use Email::Sender::Simple qw(sendmail);
> use Email::Simple;
> use Email::Simple::Creator;
>
> my $email = Email::Simple->create(
>     header => [
>         To      => '"Xavier Q. Ample" <x.ample@example.com>',
>         From    => '"Bob Fishman" <orz@example.mil>',
>         Subject => "don't forget to *enjoy the sauce*",
>     ],
>     body => "This message is short, but at least it's cheap.\n",
> );
>
> sendmail($email);
>
I am a little fearful people will substitute variables on the
RHS in a CGI script without untainting first and then complain
when the problems show up. While that is admittedly using the example
outside the scope intended, I suggest a note or comment saying 'if you
need 'To => $recipient' instead of a known string, in some/many
circumstances you might need to untaint the variable $recipient first'.
The untaint word could then have a link to an explanation of what
tainting/untainting is, why it's a good idea to use it and maybe some
short examples on how to use it? Even an example of how to untaint a
'basic' RFC822 email address?
That way you could keep within your line limit and provide 'safe'
stuff for some values of safe and stuff of course e.g.
*****************
Taint/Untaint :
See perldoc perlsec for more details on Perl's taint mode.
To activate taint mode explicitly, use the -T flag as in
#!/usr/bin/perl -T
Untainting data means verifying, usually by regular expression,
that the data is what you expect it to be. From perldoc perlsec
"Here's a test to make sure that the data contains nothing but
"word" characters (alphabetics, numerics, and underscores),
a hyphen, an at sign, or a dot." From perldoc perlsec
    if ($data =~ /^([-\@\w.]+)$/) {
        $data = $1; # $data now untainted
    } else {
        die "Bad data in '$data'"; # log this somewhere
    }
*****************
Which comes out at 17 lines including the title line.
Not my original work and quite possibly totally off the mark
for the intended audience but hope it helps
Kind Regards
Lesley
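
An added example, not part of the original message or of perlsec: one way to untaint a recipient before using it as `To => $recipient`, run under `-T`. The pattern `$ADDR_RE`, the helper `untaint_recipient` and the sample inputs are assumptions constructed for this illustration; the pattern is a deliberately narrow address form, not the full RFC 822 grammar.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Deliberately narrow addr-spec pattern (an assumption for this example, not
# the full RFC 822 grammar): ASCII local part, dotted ASCII domain.
# \A and \z anchor the whole string, so newlines, spaces, commas and angle
# brackets are rejected rather than carried into a mail header.
my $ADDR_RE = qr/\A([A-Za-z0-9_.+-]+\@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)\z/;

# Returns an untainted copy of the address, or undef if it does not match.
sub untaint_recipient {
    my ($raw) = @_;
    return unless defined $raw && $raw =~ $ADDR_RE;
    return $1;    # a regex capture is the sanctioned way to untaint
}

# Constructed sample inputs. Appending a zero-length slice of $^X (tainted
# under -T) marks each one tainted, as a CGI parameter would be.
my $TAINT   = substr($^X, 0, 0);
my @samples = map { $_ . $TAINT } (
    'x.ample@example.com',
    "x.ample\@example.com\nextra line",           # embedded newline
    'x.ample@example.com, y@example.net',         # more than one address
    '"Xavier Q. Ample" <x.ample@example.com>',    # display form, not bare
);

for my $raw (@samples) {
    (my $shown = $raw) =~ s/\n/\\n/g;    # make newlines visible in output
    my $clean = untaint_recipient($raw);
    if (defined $clean) {
        printf "accept %-42s tainted before=%d after=%d\n",
            $shown, tainted($raw) ? 1 : 0, tainted($clean) ? 1 : 0;
    } else {
        print "reject $shown\n";         # log this somewhere
    }
}
```

Run it with `perl -T` or execute the file directly so the `-T` on the `#!` line takes effect. Only the first sample is accepted, and its capture reports as untainted while the original value stays tainted.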