Best IT Recipes

In a bash script, how do I sanitize user input?

I am looking for the best way to make simple input:

echo -n "Enter a string here: " read -e STRING

and clear it by removing non-alphanumeric characters, lower (case) and replacing spaces with underscores.

Does the question matter? tr best / only way to do this?

+41
bash shell sanitization user-input
Sep 18 '08 at 2:56
source share
5 answers

As dj_segfault points out, the shell can do most of this for you. It looks like you have to retreat to something external for the bottom of the column. You have many options for this, such as perl one-liners above, etc., but I think tr is probably the easiest.

 # first, strip underscores CLEAN=${STRING//_/} # next, replace spaces with underscores CLEAN=${CLEAN// /_} # now, clean out anything that not alphanumeric or an underscore CLEAN=${CLEAN//[^a-zA-Z0-9_]/} # finally, lowercase with TR CLEAN=`echo -n $CLEAN | tr AZ az`

The order here is somewhat important. We want to get rid of underscores, and also replace spaces with underscores, so we must definitely remove the underscores. Waiting until the end to the end, etc., we know that we only have alphanumeric and underscores, and we can be sure that we do not have spaces, so we don’t need to worry about special characters being interpreted by the shell.

+40
Sep 18 '08 at 17:04
source share

Bash can do it all on its own, thank you very much. If you look at the section of the man page for Parameter Extension , you will see that bash has built-in substitutions, substring, trim, rtrim, etc.

To exclude all non-letter characters, do

 CLEANSTRING=${STRING//[^a-zA-Z0-9]/}

This is Occam's razor. There is no need to start another process.

+28
Sep 18 '08 at 4:18
source share

Quick and dirty:

STRING=`echo 'dit /ZOU/ een test123' | perl -pe's/ //g;tr/[AZ]/[az]/;s/[^a-zA-Z0-9]//g'`

+1
Sep 18 '08 at 3:06
source share

You can run it through perl.

 export CLEANSTRING=$(perl -e 'print join( q//, map { s/\\s+/_/g; lc } split /[^\\s\\w]+/, \$ENV{STRING} )')

I use the subshell ksh-style here, I'm not quite sure if it works in bash.

What a nice thing about the shell is that you can use perl, awk, sed, grep ....

+1
Sep 18 '08 at 3:36
source share

After looking around a bit, it seems tr really the easiest way:

 export CLEANSTRING="`echo -n "${STRING}" | tr -cd '[:alnum:] [:space:]' | tr '[:space:]' '-' | tr '[:upper:]' '[:lower:]'`"

Occam's razor , I suppose.

0
Sep 18 '08 at 3:01
source share


More articles:


All Articles