From 50f5975388ce6f0c6f412b6d3d650c54b8341602 Mon Sep 17 00:00:00 2001 From: Nick Kew Date: Tue, 22 Apr 2008 09:38:17 +0000 Subject: [PATCH] Clarify explanation of untainting. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@650428 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/mod/mod_dbd.xml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/docs/manual/mod/mod_dbd.xml b/docs/manual/mod/mod_dbd.xml index ae20019abc..9992f55503 100644 --- a/docs/manual/mod/mod_dbd.xml +++ b/docs/manual/mod/mod_dbd.xml @@ -127,8 +127,13 @@ APR_DECLARE_OPTIONAL_FN(void, ap_dbd_prepare, (server_rec*, const char*, const c untrusted input is merged into the SQL statement.

It can be made safe by untainting all inputs: a process inspired by Perl's taint checking. Each input - is matched against a regexp, and only the match is used. - To use this, the untainting regexps must be included in the + is matched against a regexp, and only the match is used, + according to the Perl idiom:

+ +
  $untrusted =~ /([a-z])+/;
+  $trusted = $1;
+
+

To use this, the untainting regexps must be included in the prepared statements configured. The regexp follows immediately after the % in the prepared statement, and is enclosed in curly brackets {}. For example, if your application expects -- 2.40.0
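Review bot: the Perl idiom added in this hunk, `$untrusted =~ /([a-z])+/;` followed by `$trusted = $1;`, puts the quantifier outside the capture group, so `$1` holds only the last single letter matched rather than the whole run; the documented idiom should be `([a-z]+)`. Two further points on the same lines: the assignment is not guarded by the match result, and in Perl `$1` keeps the value of the last successful match, so a failed match would silently hand a stale value to `$trusted`; and the pattern is unanchored, so any string containing one lowercase letter satisfies it, which weakens the "only the match is used" argument this section makes about keeping untrusted input out of the SQL statement. Suggest showing the idiom as `if ($untrusted =~ /^([a-z]+)$/) { $trusted = $1; }` so the example the reader copies is the safe form.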