File Coverage

blib/lib/CGI/Untaint/object.pm
Criterion Covered Total %
statement 15 17 88.2
branch 4 4 100.0
condition n/a
subroutine 6 8 75.0
pod 5 5 100.0
total 30 34 88.2


line stmt bran cond sub pod time code
1             package CGI::Untaint::object;
2              
3             =head1 NAME
4              
5             CGI::Untaint::object - base class for Input Handlers
6              
7             =head1 SYNOPSIS
8              
9             package MyUntaint::foo;
10              
11             use base 'CGI::Untaint::object';
12              
13             sub _untaint_re {
14             return qr/$your_regex/;
15             }
16              
17             sub is_valid {
18             my $self = shift;
19             return is_ok($self->value);
20             }
21              
22             1;
23              
24             =head1 DESCRIPTION
25              
26             This is the base class that all Untaint objects should inherit
27             from.
28              
29             =cut
30              
31 7     7   769 use strict;
  7         18  
  7         1899  
32              
33             sub _new {
34 24     24   55 my ($class, $h, $raw) = @_;
35 24         161 bless {
36             _obj => $h,
37             _raw => $raw,
38             _clean => undef,
39             } => $class;
40             }
41              
42             =head1 METHODS TO SUBCLASS
43              
44             =head2 is_valid / _untaint_re
45              
46             Your subclass should either provide a regular expression in _untaint_re
47             (and yes, I should really make this public), or an entire is_valid method.
48              
49             =cut
50              
51 14     14 1 54 sub is_valid { 1 }
52              
53             =head1 METHODS TO CALL
54              
55             =head2 value
56              
57             This should really have been two methods, but too many other modules
58             now rely on the fact that this does double duty. As an accessor, this
59             is the 'raw' value. As a mutator it's the extracted one.
60              
61             =cut
62              
63             sub value {
64 46     46 1 177 my $self = shift;
65 46 100       170 $self->{_clean} = shift if defined $_[0];
66 46         240 $self->{_raw};
67             }
68              
69             sub _untaint {
70 24     24   71 my $self = shift;
71 24         73 my $re = $self->_untaint_re;
72 24 100       129 die unless $self->value =~ $self->_untaint_re;
73 18         670 $self->value($1);
74 18         76 return 1;
75             }
76              
77             =head2 re_all / re_none
78              
79             Regular expressions to match anything, or nothing, untained. These should
80             only be used if you have already validated your entry in some way that
81             means you completely trust the data.
82              
83             =cut
84              
85 0     0 1 0 sub re_all { qr/(.*)/ }
86 0     0 1 0 sub re_none { qr/(?!)/ }
87              
88             =head2 untainted
89              
90             Are we clean yet?
91              
92             =cut
93              
94 17     17 1 179 sub untainted { shift->{_clean} }
95              
96             1;