NAME

VCI::Util - Types and Utility Functions used by VCI

DESCRIPTION

This contains mostly subtypes used by accessors in various VCI modules.

SUBROUTINES

detaint

Used internally to detaint strings that are only used in safe ways.

Unsafe actions would include:

  • system or exec calls

  • Putting the string unchecked directly into SQL

  • Passing to any external program or module that doesn't properly check its arguments for security issues, or that might do something unsafe with a particular file or directory that you're passing. (This is true even if you use a safe module like IPC::Run to call the command.)

That is not a complete list. All VCI::VCS implementors are strongly encouraged to read perlsec.

Note that passing a string to IPC::Run is safe, because a shell is never invoked. If you are going to use IPC::Cmd, please see other VCI::VCS implementations for how to make it safe.

taint_fail

This handles throwing errors or warnings under taint mode. If we're in -t mode, this just throws a warning. If we're in -T mode, this will throw an error using the message you pass.

Messages are thrown from the perspective of the caller, so the error is shown up as an error in the caller's code, not an error in VCI.

It takes one argument: the message to warn or die with.

TYPES

Objects

VCI::Type::DateTime

A DateTime object.

If you pass in a number for this argument, it will be interpreted as a Unix epoch (seconds since January 1, 1970) and converted to a DateTime object using "from_epoch" in DateTime.

If you pass in a string that's not just an integer, it will be parsed by DateTime::Format::DateParse. (Note: If you don't specify a time zone in your string, it will be assumed your time is in the local time zone.)

VCI::Type::IntBool

This is basically an Int that accepts undef and turns it into 0, and converts a string into 1 if it represents a true value, 0 if it doesn't.

VCI::Type::Path

A Path::Abstract::Underload object.

If you pass a string for this argument, it will be converted using "new" in Path::Abstract::Underload. This means that paths are always Unix paths--the path separator is always /. \path\to\file will not work.

After processing, the path will never start with / and never end with /. (In other words, it will always be a relative path and never end with /.)

If you pass the root path (/) you will get an empty path.