Skip Menu |
 

This queue is for tickets about the CGI-Untaint-boolean CPAN distribution.

Report information
The Basics
Id: 8132
Status: resolved
Worked: 45 min
Priority: 0/
Queue: CGI-Untaint-boolean

People
Owner: chromatic [...] cpan.org
Requestors: essuu [...] ourshack.com
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: 0.12
Fixed in: (no value)

Attachments
CGI-Untaint-boolean-0.12.patch



Subject: Empty fields do not return 0
Download (untitled) / with headers
text/plain 446b
Hi, According to the docs, $self->value should be set to 0 if the input i not 'on' but this never happens as the call to $self->value( $value eq 'on' ? 1 : 0 ) never has a chance to run unless $value is actually 'on'. The attached patch seems to give the correct behaviour but I'm getting an odd test failure in is_extractable where passing in '' returns '' when passing in '' later on returns 0. Or am I just doing something stupid ? Simon.
Only in CGI-Untaint-boolean-0.12: blib Only in CGI-Untaint-boolean-0.12: _build Only in CGI-Untaint-boolean-0.12: Build diff -ru CGI-Untaint-boolean-0.12.orig/lib/CGI/Untaint/boolean.pm CGI-Untaint-boolean-0.12/lib/CGI/Untaint/boolean.pm --- CGI-Untaint-boolean-0.12.orig/lib/CGI/Untaint/boolean.pm 2004-07-07 05:49:01.000000000 +0100 +++ CGI-Untaint-boolean-0.12/lib/CGI/Untaint/boolean.pm 2004-10-26 20:43:26.000000000 +0100 @@ -14,10 +14,17 @@ my $self = shift; my $value = $self->value(); - return unless $value and $value =~ $self->_untaint_re(); - - $self->value( $value eq 'on' ? 1 : 0 ); - return 1; + my $is_valid = 0; + if ($value) { + $is_valid++ if $value =~ $self->_untaint_re(); + }else{ + $is_valid++; #nothing or undef is valid + } + #return unless $value and $value =~ $self->_untaint_re(); + + $self->value( $value eq 'on' ? 1 : 0 ); + + return $is_valid; } 1; diff -ru CGI-Untaint-boolean-0.12.orig/t/boolean.t CGI-Untaint-boolean-0.12/t/boolean.t --- CGI-Untaint-boolean-0.12.orig/t/boolean.t 2004-07-07 05:49:01.000000000 +0100 +++ CGI-Untaint-boolean-0.12/t/boolean.t 2004-10-26 20:48:35.000000000 +0100 @@ -9,7 +9,7 @@ use strict; use Scalar::Util 'tainted'; -use Test::More tests => 13; +use Test::More tests => 17; my $module = 'CGI::Untaint::boolean'; my $parent = 'CGI::Untaint::object' ; @@ -30,7 +30,7 @@ unless eval { require Test::CGI::Untaint; $tcu->import(); 1 }; is_extractable( 'on', 1, 'boolean' ); - is_extractable( '', '', 'boolean' ); + is_extractable( '', 0, 'boolean' ); unextractable( 'wibbly', 'boolean' ); } @@ -47,5 +47,10 @@ can_ok( $bool, 'is_valid' ); $bool->value( 'on' ); ok( $bool->is_valid(), "is_valid() should return true if value is 'on'" ); +is( $bool->value(), 1, "value becomes 1" ); $bool->value( 'foo' ); ok( ! $bool->is_valid(), '... or false otherwise' ); +is( $bool->value(), 0, "value becomes 0" ); +$bool->value( '' ); +ok( $bool->is_valid(), '... nothing is a valid state' ); +is( $bool->value(), 0, "value becomes 0" );
Download (untitled) / with headers
text/plain 837b
[guest - Tue Oct 26 16:06:00 2004]: Show quoted text
> According to the docs, $self->value should be set to 0 if the input i > not 'on' but this never happens as the call to $self->value( $value > eq 'on' ? 1 : 0 ) never has a chance to run unless $value is > actually 'on'.
Yep, good catch. I've fixed this in version 1.00 and I've revised the documentation to promise only returning a true or a false value, not 1 or 0 specifically. Show quoted text
> The attached patch seems to give the correct behaviour but I'm getting > an odd test failure in is_extractable where passing in '' returns > '' when passing in '' later on returns 0. > > Or am I just doing something stupid ?
It's not you. The test was doing something stupid that CGI::Untaint didn't allow. I've revised the test and it appears to do the right thing now. Thanks for the patch!


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.