[SOLVED] Replacing/Ignoring bad characters in code

vigilant · Post by **vigilant** » Mon Dec 08, 2008 9:39 pm

How can I accomplish this?
Lets say the nickname has a character such as \
how can I get rid of it or ignore it?

please suggest

Post by **user** » Tue Dec 09, 2008 5:39 am

What "bad" characters? Are you sure you want to ignore them? Here's a line that will get rid of alot of characters:

Code: Select all

regsub -all \\W+ $string "" string

...but I'm not sure this is what you really need

(your wording makes me think you might be having problems related to treating strings as lists)

vigilant · Post by **vigilant** » Tue Dec 09, 2008 11:35 am

user wrote:What "bad" characters? Are you sure you want to ignore them? Here's a line that will get rid of alot of characters:
Code: Select all
regsub -all \\W+ $string "" string
...but I'm not sure this is what you really need (your wording makes me think you might be having problems related to treating strings as lists)

Yes , hello for your prompt reply. I guess so, like first when you receive the nickname argument using a normal bind... and it has characters like, \ / [] and so on. What's the easiest way to capture the nickname including the [ ] , because it's not when it has \ / characters...

Post by **nml375** » Tue Dec 09, 2008 1:56 pm

It sounds to me like you are looking for ways to avoid being exploited by nicknames such as [die].

The proper way of avoiding this is not to do massive regexp's, and other mangling, but rather use proper tcl-scripting, being aware of the command and variable substitutions done by the tcl engine, and when it does this.
This, of course, isn't something can can expect from a fresh tcl-coder, but comes from experience. If you post examples of where you are having problems, we could better point you in the right way in those specific issues.

One "rule of thumb" however, if you need to build a command line to be passed to the tcl interpreter (such as when you use timer/utimer), make it a list, as this will protect the individual items from substitutions during the next parsing.

vigilant · Post by **vigilant** » Tue Dec 09, 2008 1:59 pm

nml375 wrote:It sounds to me like you are looking for ways to avoid being exploited by nicknames such as [die].

The proper way of avoiding this is not to do massive regexp's, and other mangling, but rather use proper tcl-scripting, being aware of the command and variable substitutions done by the tcl engine, and when it does this.
This, of course, isn't something can can expect from a fresh tcl-coder, but comes from experience. If you post examples of where you are having problems, we could better point you in the right way in those specific issues.

One "rule of thumb" however, if you need to build a command line to be passed to the tcl interpreter (such as when you use timer/utimer), make it a list, as this will protect the individual items from substitutions during the next parsing.

Okay.. thanks. I was thinking of list

Thanks for clarifying.

Post by **Sir_Fz** » Tue Dec 09, 2008 2:35 pm

Script Security

vigilant · Post by **vigilant** » Tue Dec 09, 2008 10:07 pm

Sir_Fz wrote:Script Security

I think better than that is, http://www.peterre.info/characters.html

Post by **Sir_Fz** » Wed Dec 10, 2008 9:18 am

That is mentioned in the "Script Security" thread vigilant

vigilant · Post by **vigilant** » Wed Dec 10, 2008 11:05 am

Sir_Fz wrote:That is mentioned in the "Script Security" thread vigilant

lolllllllll

Well great then :O