On 19.07.2020 23:00, Evgeniy Berdnikov via Exim-users wrote:
> On Sun, Jul 19, 2020 at 08:28:34PM +0200, Marcin Gryszkalis via
Exim-users wrote:
>> select regexp_replace('${quote_mysql:$authenticated_id}',
>> '[^A-Za-z0-9_.-]', '') }}/${tod_logfile}
>>
>> I know I could just use
>> file = /archive/from-${lookup mysql {
>> select '${quote_mysql:$authenticated_id}'}}/${tod_logfile}
>> but I wanted example which matches proposed "detaint" function.
>
> Try:
>
> ${lookup {string} nwildlsearch,ret=key {/run/detaint}\
> {expr-if-matched}{expr-if-fail}}
>
> where /run/detaint is file with character filter, in your case it may be
> a single string with regex ^[\w\.\-]$ or
>
> ^[A-Za-z0-9_\.\-]+$
As I understand this uses the change mentioned in 4.94-rc0 changes:
"- - An option on all single-key lookups, to return (on a hit)
a de-tainted version of the lookup key rather than the looked-up data."
If so - then I don't really understand why this is any better than
proposed string expansion detaint{$val}{regexp/charlist}...
best regards
--
Marcin Gryszkalis, PGP 0xA5DBEEC7
http://fork.pl/gpg.txt