WeBWorK Main Forum

Valid user_id

Re: Valid user_id

by Samuel Lundqvist -
Number of replies: 0
Maybe I didn't make myself clear in the last post.

The problem is that listUserProblems returns an empty list when the user_id contains "@". The print statement displays the user name correct, so it does not seem to escape improperly.

sub listUserProblems {
my ($self, $userID, $setID) = shift->checkArgs(\@_, qw/user_id set_id/);
print CGI::p("userID: ($userID)");
my $where = [user_id_eq_set_id_eq => $userID,$setID];
if (wantarray) {
return map { @$_ } $self->{problem_user}->get_fields_where(["problem_id"], $where);
} else {
return $self->{problem_user}->count_where($where);

What about workarounds? If it is an escape problem, I guess it would be possible to use something like quotemeta on the user_id when it is first defined. It would also be possible to simply remove the "@" from the user_id. Is verify_normal_user in Authen.pm the correct place to do that?