NAME
String::Interpolate - Wrapper for builtin the Perl interpolation engine.
SYNOPSIS
# Functional interface
use String::Interpolate qw( safe_interpolate interpolate );
our($GREET) = 'Hello'; # Cannot be lexical
print interpolate( '$GREET $1\n', [ 'world' ] );
# Object interface
use String::Interpolate;
my $who;
my $template = new String::Interpolate { WHO => \$who };
$template->{TIME} = sub () { localtime }; # Tie $TIME to localtime()
$template->( [ qw( now it ) ] ); # Set $1, $2
$template->[3] = 'is'; # Sets $3
$who = 'old friend';
$template->( '$REV{olleH} $WHO, $2 $3 $1 $TIME$_' ); # Set string to process
$template->{REV} = sub { reverse @_ }; # Tie %REV to reverse()
$_ = '.';
print "$template\n"; # Perform interpolation
# Peform the interpolation in a Safe compartment.
my $replace = safe String::Interpolate '\u\L$1';
my $search = qr/(\w+)/;
$_ = "HELLO world\n";
s/$search/$replace/eg; # /e supresses optimisation
print;
DESCRIPTION
String::Interpolate
provides a neat interface to the solution to that perenial Perl problem - how to invoke the Perl string interpolation engine on a string contained in a scalar variable.
A String::Interpolate
object encapsulates a string and a context in which it should be subjected to Perl interpolation. In the simplest, default, case the context is simply the namespace (package) from which the constructor was called.
A String::Interpolate
object may hold a reference to an array and hashes that will be used to populate the special variables $1 etc and some package variables respectively prior to each interpolation.
In general special globally global variables such as $_ can be used in the interpolation, the exception being @_ which is always empty during the interpolation.
The interpolated string is processed with strictures and warnings enabled excluding 'strict vars' and 'warnings uninitialized' so that interpolating undefined variables will be silently ignored. This behaviour can be altered using the pragma() method.
Because the Perl string interpolation engine can call arbitrary Perl code you do not want to want to use it on strings from untrusted sources without some precautions. For this reason String::Interpolate
objects can be made to use Safe
compartments. This is, of course, only as safe as Safe and you are advised to read "WARNING" section of the Safe documentation.
When interpolating in a Safe compartment package symbols are imported using tied wrapper variables so that their values cannot be interpreted as references and such that they cannot be used to alter the values outside the compartment. This behaviour can be suppressed by the unsafe_symbols() method. Note that if you want to import tied variable or variables containing references to objects that use overloading into a Safe compartment then you will need to do a lot of fancy footwork unless you use safe_hole() method.
By default *_ is shared by Safe compartments and could potentially allow the compartment to leak. The $_ and %_ variables are therefore subjected to the same similar precautions to imported symbols. This behaviour can be suppressed using the unsafe_underscore() method.
Perl string interpolation can, of course, throw exceptions. By default String::Interpolate objects do not catch (or rethrow) these exceptions when working in a simple namespace and do trap them when working in a Safe compartment. This behaviour can be overriden by the trap() or pragma() methods. If an exception during interpolation is trapped then undef will be returned as the result of the interpolation and $@ will hold the exception in the usual way.
When taint checking enabled, attempting to perform interpolation (using eval()) on a tainted string would naturally fail. However, when using a Safe compartment, String::Interpolate will strip the tainting off of the string prior to interpolation and put it back afterwards. Also String::Interpolate will taint any arguments passed to callback functions called as the result of performing interpolation on a tainted string. Note that due to the mechanism used to assign $1 et al they can never be tained even if the values in the array being used to set them are tainted.
By default String::Interpolate
does not export any subroutines but as a concession to programmers who prefer not to explicitly use objects the functions interpolate() and safe_interpolate() are exportable.
Principle methods
- new
-
Simple constructor. Creates a empty String::Interpolate object bound to the caller's namespace and then modifies the object by passing any arguments to the exec() method. Returns a the object.
If called as an instance method new() clones the object. Be aware, however, that this is a shallow cloning and if array or hash reference arguments have been passed to the object the parent and clone will continue to use the same array or hashes until one or other is passed a new argument.
Most of the other methods in String::Interpolate will implicitly call new() if called as class methods.
- safe
-
Alternative constuctor to create a String::Interpolate object that uses an automatically allocated temporary Safe compartment. The automatically allocated Safe compartment will have the default opcode mask but with the 'bless' opcode denied as this can be used to execute code outside the compartment by putting it in DESTROY methods. The 'tie' opcode is also denied although I'm not sure if it really can be exploited in this way. There is no point explicitly passing a package or existing safe compartment to this constructor as it will be ignored.
The argument list is passed to exec() as in new().
The safe() method can also be called on an existing object in which case it instructs the object to forget its current Safe compartment or namespace and use an automatically allocated temporary Safe compartment henceforth.
- exec
-
This it the guts of the implementation but it it rarely needs to be called explicitly as it can be more elegantly called implicitly by using the String::Interpolate object in a string or CODE reference context. The following are equivalent pairs:
my $interpolated_string = $interpolate_object->exec; my $interpolated_string = "$interpolate_object"; my $interpolated_string = $interpolate_object->exec(LIST); my $interpolated_string = $interpolate_object->(LIST);
The exec() method modifies the object according the argument list. Then, if called in a non-void context, returns the result of the interpolation. Note that the modifications are persistent. This persistence can be avoided by creating a transient clone using the new() method.
my $string = $inter->(LIST); # $inter changed my $string = $inter->new->(LIST); # $inter unchanged
Also, if exec() is called as a class method then it acts on a temporary String::Interpolate object which is immediately destroyed.
The elements of the argument list are interpreted according to their type as listed below. If this mechanism does not provide sufficient flexibility in manipulating the symbol table you can, of course, manipulate it directly too.
- ARRAY reference
-
Tells the object to use this array to populate the special variables $1 and so on. The object holds a reference to the array itself and will use the values that are in the array at the time of interpolation. This ARRAY reference is exposed via the positionals() method. The array can also be modified by using the String::Interpolate object in an ARRAY reference context. Note, however, that the String::Interpolate object used in an ARRAY reference context does not refer to the array itself but to a STORE-only tied array whose subscripts are offset by one such that $interpolate_object->[1] corresponds to $interpolate_object->positionals->[0] and hence the value that will be interpolated for $1.
- HASH reference
-
Tells the object to use this hash to populate some package variables immediately prior to each interpolation. The object holds a reference to the hash itself and will use the values that are in the hash at the time of interpolation.
After the object has been instructed to populate package variables in this way it will no longer default to using the namespace from which the constructor was called and will instead auto-allocate a temporary one unless told to do otherwise.
If multiple hash reference arguments are specified in a single call to exec() then each hash in turn will be processed prior to each interpolation. However, whenever a exec() is passed one or more hash references it forgets any previous hashes and deletes any auto-allocated temporary package or safe compartment.
The keys of the hash should be unqualified Perl identifiers that will determine the entries in the package symbol to be modified. Which slot in the symbol table entry is modified is determined by the values' types as follows:
- ARRAY reference
-
Set the symbol table entry's ARRAY slot.
- HASH reference
-
Set the symbol table entry's HASH slot.
- SCALAR reference
-
Set the symbol table entry's SCALAR slot.
- CODE reference with prototype ()
-
Set the symbol table entry's SCALAR slot to point to an new tied scalar with a FETCH method that calls the referenced code.
Note that if interpolation is taking place inside a Safe compartment the callback will, by default, simply be called from within the compartment. The callback code will execute with a false symbol table root so it will not be able to use any packages from the real symbol table root. This limitation can be overcome by using the safe_hole() method.
- CODE reference with prototype ($) or no prototype
-
Set the symbol table entry's HASH slot to point to an new tied hash with a FETCH method that calls the referenced code.
See above for limitations if the callback is called from interpolation taking place in a Safe compartment.
The argument passed to the callback will be stringified. It may seem like a nice idea to be able to pass multiple arguments using an ARRAY reference but unfortunately this could open up security problems when passing arguments out of a Safe compartment via a Safe::Hole.
- Anything else
-
Set the symbol table entry's SCALAR slot to point scalar containing the value.
Note that since the String::Interpolate object stores a reference to the hash and updates the symbol table prior to each interpolation, changes in the hash will be reflected in subsequent interpolations. However, if items in the hash are deleted or changed to a different type then the previously created symbol table entries may persist. This can be overcome by calling the safe() or package() methods.
To simplify modifying the hash, a String::Interpolated object used in a HASH reference context will return a reference to the last hash argument passed to object, implicitly calling exec({}) first if necessary.
my %h = ( A => 1 ); my $i = new String::Interpolate \%h; $i->{B} = 2; # $h{B} = 2
- GLOB or GLOB reference
-
Instruct the object to perform interpolation in the namespace defined by the GLOB. For example the argument *Q:: would mean that the string should be interpolated in the context of the package Q. The trailing '::' may be omitted.
Passing a package argument to the object causes it to stop using a Safe compartment if it previously was doing so. If you want safe execution in a specific namespace then you need to explicitly constuct Safe object bound to the given namespace and pass that.
Once a String::Interpolate object has been explicitly bound to a namespace it will continue to use that namespace even if the String::Interpolate object has been (or is subsequently) passed a hash reference argument. In this case the symbols will be created/updated in the namespace prior to each interpolation and will persist afterwards.
See also the package() method.
- Safe object
-
Instruct the object to perform interpolation in the given Safe compartment. Passing a Safe object argument to the String::Interpolate object causes it to stop using a specified namespace if it previously was doing so. If you choose to pass an explicit Safe object you should deny the 'bless' and 'tie' opcodes for the reasons discussed under the safe() method.
Once a String::Interpolate object has been explicitly bound to a Safe object it will continue to use that object even if the String::Interpolate object has been (or is subsequently) passed a hash reference argument. In this case the symbols will be created/updated in the namespace associated with the Safe object prior to each interpolation and will persist afterwards.
See also the safe() method.
- Safe::Hole object
-
Equivalent to calling the safe_hole() method with the same argument.
- SCALAR reference
-
The referenced scalar is passed to the pragma() method.
- Anything else
-
Use the stringified value of the argument as the string on which to perform interpolation.
Functional interface
For those heathens who don't like the OO interface.
- safe_interpolate
-
Exportable function equivalent to String::Interpolate->safe->exec(LIST).
- interpolate
-
Exportable function equivalent to String::Interpolate->lexicals->exec(LIST).
Ancillary methods
The following methods provide alternative interfaces and some fine tuning capabilities.
- trap
-
Tells the String::Interpolate object whether or not to trap exceptions.
$i->trap; # Enable trapping $i->trap(1); # Enable trapping $i->trap(0); # Disable trapping
Returns the object so that it can be tagged on to constructor calls.
my $i = String::Interpolate->safe->trap(0);
If the trap(0) method has not been called then trapping is enabled when using a Safe compartment.
- unsafe_underscore
-
Tells the String::Interpolate object whether or not to use "unsafe underscore" mode. In this mode no precautions are taken to prevent malicious code attempting to reach outside it's Safe compartment through the $_ and %_ variables.
$i->unsafe_underscore; # Enable unsafe underscore mode $i->unsafe_underscore(1); # Enable unsafe underscore mode $i->unsafe_underscore(0); # Disable unsafe underscore mode
Returns the object so that it can be tagged on to constructor calls.
- unsafe_symbols
-
Tells the String::Interpolate object whether or not to use "unsafe symbol" mode. In this mode variables are simply shared with the Safe compartment rather than being safely hidden behind variables tied to blessed closures. The setting of this flag as no effect when not using a Safe compartment.
$i->unsafe_symbols; # Enable unsafe symbol mode $i->unsafe_symbols(1); # Enable unsafe symbol mode $i->unsafe_symbols(0); # Disable unsafe symbol mode
Returns the object so that it can be tagged on to constructor calls.
- lexicals
-
This feature is EXPERIMENTAL. Do not use it in real code.
Tells the String::Interpolate object whether or not to use the PadWalker module to import all lexical variables from the calling context into the temporary package or Safe compartment. By default this does not happen as it is conceptually ugly and quite expensive.
$i->lexicals; # Enable lexicals $i->lexicals(1) # Enable lexicals $i->lexicals(0); # Disable lexicals
Returns the object so that it can be tagged on to constructor calls.
my $i = String::Interpolate->safe->lexicals;
Enabling lexicals with a Safe compartment like this will give the code read-only access to all your lexical variables.
Note that the lexicals used are those in scope at the final call that performs the interpolation, not those in scope when the String::Interpolate object is constructed. Also you can't have your cake and eat it. If you cannot use this feature at the same time as an explicit package or Safe compartment.
- package
-
Instructs the String::Interpolate object to forget its current Safe compartment or namespace and use the specified one henceforth. The package name can be specified as a string, a GLOB or a GLOB reference. The trailing '::' may be ommited. With an undefined argument this method instructs the object to use a new automatically allocated temporary namespace.
The package method Returns the object so that it can be tagged on to constructor calls. It can also be used as a constructor.
my $i = String::Interpolate->package('Q'); # Use namespace Q:: $i->package; # Use temporary namespace $i->package(*R); # Use namespace R:: $i->package(\*S::); # Use namespace S::
Note that the last two forms are not commonly used as GLOB or GLOB reference arguments passed to the exec(), new() or methods are automatically passed on the the package() method.
- safe_hole
-
Tells the String::Interpolate object whether or not to use a Safe::Hole object to wrap callbacks to subroutines specified in the symbol mapping hash. Without a Safe::Hole eval(), symbolic references and method calls in callbacks won't function normally.
my $i = String::Interpolate->safe->safe_hole; # Without a Safe::Hole Wibble::wobble() would be inaccessible $i->{FOO} = sub () { Wibble->wobble };
This feature only makes sense when evaluating in a Safe compartment and you can only use it if you have the Safe::Hole module installed.
$i->safe_hole; # Enable use of Safe::Hole $i->safe_hole(1); # Enable use of Safe::Hole $i->safe_hole(0); # Disable use of Safe::Hole $i->safe_hole($hole); # Use the Safe::Hole object $hole
This method can also be called implicitly as follows.
$i->(\'SAFE HOLE'); # Enable use of Safe::Hole $i->(\'NO_SAFE_HOLE'); # Disable use of Safe::Hole $i->($hole); # Use the Safe::Hole object $hole
The safe_hole() method returns the object so that it can be tagged on to constructor calls.
- pragma
-
Specify various options including Perl code to be complied in a BEGIN{} block prior to compiling the string to be interpolated. When working in a Safe compartment, what you can do here is, of course, highly limited. In practice this is only useful for calling the import() an unimport() methods on the warnings and strict modules.
For the most commonly used values, to control the handling of interpolating undefined values, the following shorthands can also be used:
NOWARN => 'unimport warnings qw(uninitialized)' WARN => '' FATAL => 'import warnings FATAL => qw(uninitialized); import strict qw(vars)'
The default state for a newly created String::Interpolate object is NOWARN. All other warnings are enabled as are 'refs' and 'subs' strictures.
You can call pragma() implicitly by passing SCALAR references to exec(). Furthermore pragma('TRAP') is a synonym for trap(1) and pragma('NO TRAP') is a synonym for trap(0). Similarly for lexicals(), unsafe_symbols(), unsafe_underscore() and safe_hole(). This makes the following statements equivalent:
$i->(\'FATAL',\'NO TRAP',\'SAFE SYMBOLS'); $i->pragma('FATAL','NO_TRAP','NO UNSAFE_SYMBOLS'); $i->pragma('FATAL')->trap(0)->unsafe_symbols(0);
The pragma() method returns the object so that it can be tagged on to constructor calls.
- positionals
-
Returns, as an lvalue, the reference to the array that holds the values to use for the positional variables $1 and so on.
my @p = qw ( one two three ); my $i = new String::Interpolate \@p; $i->positionals->[1] = "TWO"; # $p[1] = "TWO"; $i->positionals = [ qw ( X Y ) ]; # Forget @p, use anon array undef $i->positionals; # $1 etc. inherted from caller
1 POD Error
The following errors were encountered while parsing the POD:
- Around line 678:
=over without closing =back