What I think when I see "foo == false"?
Guy doesn't get booleans. Guy needs to stay away from my upstream code.
What I think when I see "foo == false"?
Guy doesn't get booleans. Guy needs to stay away from my upstream code.
@realmerlyn said:
I've been fighting this battle for years now... people writing "validation" regex for "email" addresses who haven't seen RFC[2]822, and ignoring the standard ways of doing this. Of course, we have other people who copy those people, so it's really becoming this bad virus of what "email" addresses are. Most of the time, these regex would reject my test address <fred&barney@stonehenge.com>, which has been in place for about a dozen years now. (Go ahead, try it... it's an autoresponder.) There is no inherent insecurity in accepting '822. It just means you coded bad somewhere else. Never let an email address near an unescaped SQL parameter or shell command line! It's not hard, people!
Oh, for grins, google for: site:regexlib.com "wrong wrong wrong"
You'll see all the times I've been fighting this in a place intending to exchange regular expressions for things.