X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FRecord.pm;h=82f590f94b570786ec97140e45243adb083d00cb;hp=646a57607d8ed503f0c5e89af502e9bc12b9d220;hb=2066bf9d3ebb4e53c49ab8b4b447c4eb88e425a4;hpb=5d2a3918043acd0d3ead743fc44a3a3a0fbc4aec diff --git a/FS/FS/Record.pm b/FS/FS/Record.pm index 646a57607..82f590f94 100644 --- a/FS/FS/Record.pm +++ b/FS/FS/Record.pm @@ -74,6 +74,7 @@ FS::Record - Database record objects $value = $record->ut_alphan('column'); $value = $record->ut_phonen('column'); $value = $record->ut_anythingn('column'); + $value = $record->ut_name('column'); $dbdef = reload_dbdef; $dbdef = reload_dbdef "/non/standard/filename"; @@ -789,8 +790,37 @@ sub ut_domain { ''; } +=item ut_name COLUMN + +Check/untaint proper names; allows alphanumerics, spaces and the following +punctuation: , . - ' + +May not be null. + +=cut + +sub ut_name { + my( $self, $field ) = @_; + $self->getfield($field) =~ /^([\w \,\.\-\']+)$/ + or return "Illegal (name) $field: ". $self->getfield($field); + $self->setfield($field,$1); + ''; +} + +=item ut_zip COLUMN + +Check/untaint zip codes. + =cut +sub ut_zip { + my( $self, $field ) = @_; + $self->getfield($field) =~ /^\s*(\w[\w\-\s]{2,8}\w)\s*$/ + or return "Illegal (zip) $field: ". $self->getfield($field); + $self->setfield($field,$1); + ''; +} + =item ut_anything COLUMN Untaints arbitrary data. Be careful. @@ -919,7 +949,7 @@ sub DESTROY { return; } =head1 VERSION -$Id: Record.pm,v 1.18 2001-07-30 07:33:08 ivan Exp $ +$Id: Record.pm,v 1.19 2001-07-30 10:41:44 ivan Exp $ =head1 BUGS @@ -949,7 +979,7 @@ The ut_money method assumes money has two decimal digits. The Pg money kludge in the new method only strips `$'. -The ut_phonen method assumes US-style phone numbers. +The ut_phonen method only checks US-style phone numbers. The _quote function should probably use ut_float instead of a regex. @@ -962,6 +992,8 @@ As of 1.14, DBI fetchall_hashref( {} ) doesn't set fetchrow_hashref NAME_lc, or allow it to be set. Working around it is ugly any way around - DBI should be fixed. (only affects RDBMS which return uppercase column names) +ut_zip should take an optional country like ut_phone. + =head1 SEE ALSO L, L, L