Regex question

[ajam]

Okay, I have the following little problem with regular expressions. I
have two scalar variables $var1 and $var2 as follows:

$var1 = $var2 = "This is a test for C++ and anything else.";

, and I'm trying to compare them as follows:

$var1 =~ /\Q$var2/


Given the fact I have a dot (.) and two plus signs, I need escape the
and '\Q' is supposed to make the content of $var2 literal. Hence, the
plus signs, for example, should just be read as plus signs and not like
'one or more.' Well, at least this is the theory, but it just doesn't
work.

If anyone has any comments on this, I would love to hear it. Thanks
ahead!

-ajam

 

[Jürgen Exner]

Okay, I have the following little problem with regular expressions. I
have two scalar variables $var1 and $var2 as follows:

$var1 = $var2 = "This is a test for C++ and anything else.";

, and I'm trying to compare them as follows:

$var1 =~ /\Q$var2/

If you are trying to check if $var2 is a contained in $var1 then REs are not
the best tool.
I would use index() instead.

Given the fact I have a dot (.) and two plus signs, I need escape the
and '\Q' is supposed to make the content of $var2 literal.

From the documentation of index():

The index function searches for one string within another, but
without the wildcard-like behavior of a full regular-expression
pattern match. [...]

Sounds very much like what you are looking for.

jue

 

[ajam]

Thanks for your responses. I have to say this was actually a
simplification of my real problem. And you are totally right. I also
tried it, as you stated and it works fine. But in the CGI script
things aren't, even though it looks the same and it works with all
other strings I've tried. Again, the string I'm having a problem with
is one with a double plus sign, "++."

I'm beginning to believe the problem is I'm doing this through a CGI
script, where $var1 is a literal string I'm reading from an XML file
and $var2 comes via the CGI module, as in:

$var2 = param('item');
if ($var1 =~ /\Q$var2/) { ... }

Again, the script works fine with all other strings, except for one
with the "++." Well, actually there is another one I also had a
problem, although a little bit different. This other string contains a
hash, #. The deal with this one is that the comparison occurs without
any problem, but the string itself gets cut after the '#.' Hence, the
CGI module might be culprit.

Thanks again,

-ajam

hackbuzz.com
The Security and Programming News Portal

 

[DJ Stunks]

Thanks for your responses. I have to say this was actually a
simplification of my real problem. And you are totally right. I also
tried it, as you stated and it works fine. But in the CGI script
things aren't, even though it looks the same and it works with all
other strings I've tried. Again, the string I'm having a problem with
is one with a double plus sign, "++."

I'm beginning to believe the problem is I'm doing this through a CGI
script, where $var1 is a literal string I'm reading from an XML file
and $var2 comes via the CGI module, as in:

$var2 = param('item');
if ($var1 =~ /\Q$var2/) { ... }

I don't really feel like writing a test script for this, but I assume
your issue is something along the lines of CGI.pm assuming that that
+'s in the parameter ( param(item) ) are only there because the string
it has received has been URL encoded ( s/ /+/g rather than s/ /%20/ ).

I'm sure there are ways around this.

Good luck,
-jp

 

[ajam]

Thanks for your response.

After doing a test to check what the heck I'm getting through CGI.pm,
it seems as if the plus signs (++) were removed. Hence, no wonder I
the conditional statement didn't work.

I could certainly do a substitution before or after sending the data
through the CGI module. At this stage, doing it after will not make
any sense, since, as previously mentioned, the '++' are gone by then.
So, I suppose I'll go ahead and substitute the plus signs by an
equivalent, or escape the plus signs before CGI.pm swallows them.

I would love to find out if CGI.pm could be tweaked so that it won't
interpret anything, and let me deal with whatever data is in the
parameters...

Thanks again,

ajam

hackbuzz.com
The Security and Programming News Portal

 

[DJ Stunks]

(rearranged --- PLEASE do not top post. if you don't know that "top
posting" is look it up on wikipedia)

After doing a test to check what the heck I'm getting through CGI.pm,
it seems as if the plus signs (++) were removed. Hence, no wonder I
the conditional statement didn't work.

<snip>

I would love to find out if CGI.pm could be tweaked so that it won't
interpret anything, and let me deal with whatever data is in the
parameters...

ah yes, I would surely love it too! if only there were some way we
could figure out how CGI.pm worked! Darn you CGI.pm!

well, after talking to a very helpful operator at The Psychic Friends
Network, she suggested you try

autoEscape(0);

and see if that works.

-jp

 

[ajam]

Awesome post!!! ))

So The Psychic Friends Network hotline is your secret? I'm making a
note of that right now!

Thanks for your time!

Cheers, ajam

hackbuzz.com
The Security and Programming News Portal