|We don't bite newbies here... much
Re: Re: Re: Test if string is already quote()'d?by demerphq (Chancellor)
|on Jun 15, 2003 at 14:54 UTC
But then again, it won't solve the problem of checking for escaped quotes within the string.
To me this is the wrong time/place to worry about this. You deal with issues like that when you read your data in. My understanding is that the OP wanted to design an interface that could take quoted variables and do the right thing, or take unquoted variables and do the right thing. As long as the interface defines clearly what constitues a quoted variable, and what the rules it uses to recognize one, then it is the callers responsibility to handle the data appropriately.
Consider that perhaps on occasion the fact that the quote handling isn't perfect may be a useful workaround for a tight situation.
However the fact that this behaviour is open to abuse might make me add a safety mechanism to prevent it if I choose, and would certainly result in a note in the documentation stating that it is no more secure than the data it is fed.
<Elian> And I do take a kind of perverse pleasure in having an OO assembly language...