[Maypole] A few post-2.05 change questions
Jesse Sheidlower
jester@panix.com
Sat, 22 Jan 2005 22:57:10 -0500
On Sat, Jan 22, 2005 at 07:41:26PM -0800, Peter Speltz wrote:
>
> --- Jesse Sheidlower <jester@panix.com> wrote:
>
> >
> > Hi. I'm just returning to some programming after time
> > spent on $WORK, updated Maypole from 2.04 to 2.06, and
> > promptly ran into two problems.
> >
> > First, in one of my databases, I have a column called
> > "description", which is not an SQL reserved word or a
> > reserved word in CDBI or anything.
>
> they pulled/will pull that in 2.07.
OK, great.
> > Second, in a different application--one that, unlike most of
> > my Maypole apps, is straightforward and doesn't override half
> > of Maypole--I am now getting untaint errors where I didn't
> > used to before. I don't want to untaint anything here, and I
> > don't have required columns, but in this situation when I
> > leave a field blank, I am getting "author () does not untaint
> > with default pattern" errors. Now, author is a display_column
> > but I don't require it for untainting anywhere.
>
> I have this one too. I thought i got it after upgrading CGI::Untaint though.
> did CGI::Untaint get updated as well?
It's possible; I usually recursively upgrade all my modules
and dependencies etc. whenever there's anything new.
Guess I'll just go back to DFV, even though I'm not validating
anything. Perhaps there could be a more tunable way to choose
validation packages in Maypole? It's annoying to have to
override all of do_edit just for a different validator; maybe
it could call out to a validation method and one could override
this only.
But that's for the dev list, or for me when I have more time
to fuss with it.
Thanks.
Jesse Sheidlower