in reply to Re: •Re: mmv-like hack in perl?
in thread mmv-like hack in perl?
But you're scaring me here. I said that the string had to be from a trusted source. As soon as you start talking "GUI", that makes me think that the user-ID of the person typing the string is not necessarily the user-ID of the person running the code.$new = $old; $new =~ s/$pattern/qq{$replace}/eeg;
Let me reemphasize. Using this code as-is will allow any arbitrary Perl code to be executed, including shelling out to execute arbitrary system commands. Clear? It's not just about mangling a string. You must either trust the invoker, or not use this code.
-- Randal L. Schwartz, Perl hacker
Be sure to read my standard disclaimer if this is a reply.
In Section
Seekers of Perl Wisdom