unix path validation

[mike]

hi

how can i use pattern matching with PERL to validate a user keying in
a unix pathname
I wish to make sure that
1) pathname must be in the form /dir1/dir2/filname ( any amount of
directory levels)
2) user cannot use other characters for the path separator, only can
use "/"

here is my piece of code

printf "Enter pathname of the file(eg. \/path\/path2 ): ";
my $path = <STDIN>; chomp($path);
@pathname = split("/", $path);
foreach $split_path ( @pathname )
{
chomp($split_path);
last if $split_path !~ /[a-zA-Z0-9]+/ or $split_path !~ /\//;

}

Am i doing it correctly or is the check sufficient??
thanks..

 

[Sherm Pendley]

printf "Enter pathname of the file(eg. \/path\/path2 ): ";
my $path = <STDIN>; chomp($path);
@pathname = split("/", $path);
foreach $split_path ( @pathname )
{
chomp($split_path);
last if $split_path !~ /[a-zA-Z0-9]+/ or $split_path !~ /\//;

}

Am i doing it correctly or is the check sufficient??

Two comments:

If the path is to be used on the local system, it might be sufficient to
check for its existence with "-e $path". (See perldoc -f -X).

The regex above is needlessly restrictive, omitting many characters which
are perfectly valid in UNIX path names.

sherm--

 

[Gunnar Hjalmarsson]

how can i use pattern matching with PERL to validate a user keying
in a unix pathname
I wish to make sure that
1) pathname must be in the form /dir1/dir2/filname ( any amount of
directory levels)
2) user cannot use other characters for the path separator, only
can use "/"

here is my piece of code

printf "Enter pathname of the file(eg. \/path\/path2 ): ";
my $path = <STDIN>; chomp($path);
@pathname = split("/", $path);
foreach $split_path ( @pathname )
{
chomp($split_path);
last if $split_path !~ /[a-zA-Z0-9]+/ or $split_path !~ /\//;

}

Am i doing it correctly or is the check sufficient??

Neither. You didn't really try, did you?

First let's look at the split:

@pathname = split("/", $path);

If $path begins with /, the first element in @pathname will be empty,
which is probably not what you expected. Can be fixed with:

@pathname = split("/", $path);
shift @pathname unless $pathname[0];

last if $split_path !~ /[a-zA-Z0-9]+/ or $split_path !~ /\//;
----^^^^

That stops the loop if a directory or file name fails the check, but
the program will keep running, which makes the whole check pointless.
You need to make the program act in some other way, e.g. like:

die "Forbidden character in path.\nProgram was stopped.\n"
if $split_path !~ /[a-zA-Z0-9]+/ or $split_path !~ /\//;
---------------------------------------^^^^^^^^^^^^^^^^^^^^^^

Now let's look at that second part. Since you splitted on "/", that
part will make the check fail every time, which of course makes no
sense. You'd better skip it:

die "Forbidden character in path.\nProgram was stopped.\n"
if $split_path !~ /[a-zA-Z0-9]+/;
---------^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Now let's look at the remaining part. It will make the check pass if
the directory or file name includes at least one letter or digit,
irrespective of what else is there. That's obviously not what you
want, so you need to anchor it:

die "Forbidden character in path.\nProgram was stopped.\n"
if $split_path !~ /^[a-zA-Z0-9]+$/;
-------------------------^------------^

Now, but only now, I agree on Sherm's remark that the check is
"needlessly restrictive". You know better than me which characters
that need to be allowed, but the following suggestion adds the most
typical:

die "Forbidden character in path.\nProgram was stopped.\n"
if $split_path !~ /^[-_.a-zA-Z0-9]+$/;
---------------------------^^^

Other comments on your code:

- Enable strictures and warnings and my() declare all variables.
- Don't use printf() when print() is sufficient.