[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Printf and quoting in general, SQL injection in particular [was: Ema
From: |
Jean Louis |
Subject: |
Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way] |
Date: |
Mon, 28 Jun 2021 09:59:22 +0300 |
User-agent: |
Mutt/2.0.7+183 (3d24855) (2021-05-28) |
* Emanuel Berg <moasenwood@zoho.eu> [2021-06-26 02:50]:
> Jean Louis wrote:
>
> > To summarize, it is better to use file related functions
> > whenever possible, checking if it is directory, using
> > functions like `file-name-as-directory' and so on.
>
> Yes, of course.
>
> > (format "%s/%s/" (rcd-crm-directory-by-id) id))
> > (concat (rcd-crm-directory) "/" (cadr (rcd-crm-directory-data))))
> > (concat (rcd-crm-directory) "/" (cadr (rcd-crm-directory-data))))
>
> Is this what you are not allowed to do?
>
> I ask because it looks similar to mine, only not as good,
> perhaps. Ha.
>
> OK, how is it suppose to look then?
I think by using file- related functions:
(defun doi-file-find (md5)
"Return existing MD5 file for Double Opt-In.confirmation or NIL."
(let ((file (concat (file-name-as-directory doi-directory)
(file-name-as-directory (substring md5 0
doi-substring-to))
md5)))
(if (file-exists-p file) file nil)))
in that case `file-name-as-directory' is protecting the case of
vraiable `doi-directory' not to have slash on the and.
Before I have used my function:
(defun slash-add (path)
"Adds slash `/` quickly on the end of string"
(if (string= path "")
"/"
(let ((last (substring (reverse path) 0 1)))
(if (string= last "/") path
(concat path "/")))))
Or
(defun string-add (string add)
"Returns string 'add' on the end of the string if there is none"
(let* ((string (replace-regexp-in-string " *" "" string))
(added (string-match (format "%s$" add) string)))
(if added string (concat string add))))
When concatenating directory names it is important to take care of slashes.
--
Jean
Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns
In support of Richard M. Stallman
https://stallmansupport.org/
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], (continued)
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Eli Zaretskii, 2021/06/22
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Jean Louis, 2021/06/22
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Eli Zaretskii, 2021/06/22
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Jean Louis, 2021/06/22
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Eli Zaretskii, 2021/06/22
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Jean Louis, 2021/06/22
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Eli Zaretskii, 2021/06/22
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Emanuel Berg, 2021/06/26
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Eli Zaretskii, 2021/06/26
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Jean Louis, 2021/06/28
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way],
Jean Louis <=
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Emanuel Berg, 2021/06/26
- Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way], Emanuel Berg, 2021/06/26
- Re: Emacs Modular Configuration: the preferable way., Emanuel Berg, 2021/06/21
- Re: Emacs Modular Configuration: the preferable way., Lars Ingebrigtsen, 2021/06/22
- Re: Emacs Modular Configuration: the preferable way., Emanuel Berg, 2021/06/26
Re: Emacs Modular Configuration: the preferable way., Jean Louis, 2021/06/21
Re: Emacs Modular Configuration: the preferable way., Jean Louis, 2021/06/21