
Sanitize user input: Difference between revisions

Added Wren
 
Unfortunately, this is very vague and hand-wavey due to the vagueness of the task description. Really, any language could copy/paste 95% or better of the above, change the language name, and be done with it. But until the task description is made a little more focused, it will have to do.
 
=={{header|Wren}}==
{{libheader|Wren-ioutil}}
{{libheader|Wren-pattern}}
{{libheader|Wren-str}}
{{libheader|Wren-trait}}
<br>
I'll start by saying that I agree with everything that was said in the Raku entry but, in the interests of writing some code, I've taken a very simplistic view of which names are acceptable if, say, we're trying to build a database.
 
Basically, names are only valid if they contain letters or digits (yes, digits have been known to be used) in the ISO 8859 range and also hyphens, underscores or apostrophes. However, the first or last character of a name can't be a punctuation character.
 
Furthermore, there is a blacklist of unacceptable names, though in practice this would probably be much longer than the one I've used here.
<lang ecmascript>import "/ioutil" for Input
import "/pattern" for Pattern
import "/str" for Str
import "/trait" for Indexed

class Person {
    construct new(firstName, lastName) {
        _firstName = firstName
        _lastName = lastName
    }

    firstName { _firstName }
    lastName  { _lastName }

    toString { firstName + " " + lastName }
}

var persons = []

// names rejected outright (compared in lower case)
var blacklist = [
    "drop", "delete", "erase", "kill", "wipe", "remove",
    "table", "tables", "record", "records", "database", "databases"
]

// the whole name must match the pattern of permitted characters
var p = Pattern.new("+1&y", Pattern.whole)
var punct = "'-_\xad" // allowable punctuation

// returns an error message, or an empty string if the name is acceptable
var sanitizeInput = Fn.new { |name|
    // punctuation is not allowed as the first or last character
    var ok = p.isMatch(name) && !(punct.contains(name[0]) || punct.contains(name[-1]))
    if (!ok) return "Sorry, your name contains unacceptable characters."
    name = Str.lower(name)
    if (blacklist.contains(name)) return "Sorry, your name is unacceptable."
    return ""
}

for (i in 1..20) {
    var names = List.filled(2, null)
    var outer = false // set when either name is rejected
    for (se in Indexed.new(["first", "last "])) {
        var name = Input.text("Enter your %(se.value) name : ", 1)
        var msg = sanitizeInput.call(name)
        if (msg != "") {
            System.print(msg + "\n")
            outer = true
            break
        }
        names[se.index] = name
    }
    if (outer) continue // skip this person entirely
    persons.add(Person.new(names[0], names[1]))
    System.print()
}
var count = persons.count
System.print("The following %(count) person(s) have been added to the database:")
for (person in persons) System.print(person)</lang>
 
{{out}}
Sample (abridged) input/output:
<pre>
Enter your first name : Donald
Enter your last name : Duck
 
Enter your first name : Mickey Mouse
Sorry, your name contains unacceptable characters.
 
Enter your first name : Bobby
Enter your last name : Tables
Sorry, your name is unacceptable.
 
Enter your first name : Fred
Enter your last name : rm -rf /
Sorry, your name contains unacceptable characters.
 
Enter your first name : David
Enter your last name : Wipe
Sorry, your name is unacceptable.
 
Enter your first name : Nicolas
Enter your last name : Pépé
 
Enter your first name : Marilyn
Enter your last name : Monroe
 
Enter your first name : Bridget
Enter your last name : O'Riley
 
Enter your first name : 'Prince-
Sorry, your name contains unacceptable characters.
 
... (plus another 11 acceptable people)
 
The following 15 person(s) have been added to the database:
Donald Duck
Nicolas Pépé
Marilyn Monroe
Bridget O'Riley
... (11 more)
</pre>
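
The validator above accepts apostrophes (O'Riley), so validation alone does not make a name safe to splice into SQL text. The following added example (Python with sqlite3, not part of the Wren entry) approximates the same name rules and stores accepted names through bound parameters; the table, the function names and the sample pairs are assumptions constructed for illustration, and the soft hyphen is omitted from the punctuation set.

```python
import sqlite3
import unicodedata

# Assumed approximation of the Wren entry's rules: letters or digits up to
# U+00FF plus ' - _, with no punctuation as the first or last character.
PUNCT = "'-_"
BLACKLIST = {"drop", "delete", "erase", "kill", "wipe", "remove",
             "table", "tables", "record", "records", "database"}

def is_valid_name(name):
    """Allowlist check first, then the (case-insensitive) blacklist."""
    if not name or name[0] in PUNCT or name[-1] in PUNCT:
        return False
    for ch in name:
        if ch in PUNCT:
            continue
        if not ((ch.isalpha() or ch.isdecimal()) and ord(ch) <= 0xFF):
            return False
    return name.lower() not in BLACKLIST

def add_person(conn, first, last):
    """Validate both names, then insert them with bound parameters."""
    # Normalise so that composed and decomposed accents compare equal.
    first, last = (unicodedata.normalize("NFC", n) for n in (first, last))
    if not (is_valid_name(first) and is_valid_name(last)):
        return False
    # The ? placeholders keep the values out of the SQL text, so the
    # apostrophe in O'Riley is stored as data and never parsed as syntax.
    conn.execute(
        "INSERT INTO persons (first_name, last_name) VALUES (?, ?)",
        (first, last),
    )
    return True

def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE persons (first_name TEXT, last_name TEXT)")
    # Constructed sample pairs, modelled on the sample run above.
    samples = [("Donald", "Duck"), ("Bobby", "Tables"), ("Fred", "rm -rf /"),
               ("Nicolas", "Pépé"), ("Bridget", "O'Riley"), ("'Prince-", "Nelson")]
    results = [add_person(conn, f, l) for f, l in samples]
    rows = conn.execute(
        "SELECT first_name, last_name FROM persons ORDER BY rowid").fetchall()
    return results, rows

if __name__ == "__main__":
    print(demo())
```
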