In my Rails application, the user''s username basically has a dir created for it... For that reason, I have to make sure it doesn''t contain \ characters. (among others). I have been successful in filtering out the others with the include? method, but when I do: if sURL.include? "\", there is an error... How would I ask if the var sURL contained the \ character? Do I have to do any escaping? thanks. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
Jakob Skjerning
2006-Oct-02 13:17 UTC
Re: can''t seem to figure out how to secure the ''\'' character
Ben wrote:> when I do: if sURL.include? "\", there is an error... How would I ask > if the var sURL contained the \ character? Do I have to do any > escaping? thanks.Yes, you''re basically escaping the quotation mark now. Do sURL.include?("\\") instead. -- Jakob Skjerning - http://mentalized.net --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
Zed A. Shaw
2006-Oct-02 18:39 UTC
Re: can''t seem to figure out how to secure the ''\'' character
On Mon, 2 Oct 2006 15:07:10 +0200 Ben <rails-mailing-list-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> > In my Rails application, the user''s username basically has a dir created > for it... For that reason, I have to make sure it doesn''t contain \ > characters. (among others). I have been successful in filtering out the > others with the include? method, but when I do: if sURL.include? "\", > there is an error... How would I ask if the var sURL contained the \ > character? Do I have to do any escaping? thanks.Hey Ben, what you actually want to do is the inverse. You want a regex that has only allowed characters and then you want to reject anything else. In other words, you have "I accept everything except, ..." which leads to you playing constant catch-up. What you really want is "I reject everything, except ..." or "I accept only X and reject everything else." I would start with something like this: if username =~ /^[a-zA-Z0-9]*$/ # accepted! else # rejected! end Another thing is to strip the username of spaces and then freeze it so that it doesn''t get double interpreted or accidentally modified later in your program. -- Zed A. Shaw, MUDCRAP-CE Master Black Belt Sifu http://www.zedshaw.com/ http://mongrel.rubyforge.org/ http://www.lingr.com/room/3yXhqKbfPy8 -- Come get help. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---