[boulder.pm] ok, I've got a perl question
David Nicholas Kayal
davek at saturn5.com
Fri Jun 21 01:35:59 CDT 2002
I have this template I use for making a web page.
http://yayproductions.com/nice_start_cgi.txt
On Fri, 21 Jun 2002, Myke Komarnitsky wrote:
> This is more stylistic I think than syntactical.... but here goes.
>
> Most of my perl work is for web sites - databases, forms, cgi, etc... often
> of the time, inputted data is being put in a mysql database. Thus, you have
> to parse and prepare the user's data.
>
> Silly and obvious question: how do YOU go about getting the user data?
>
> every perl example I see has the OO style, eg.
> use CGI;
> $cgi = new CGI;
> my $name = $cgi->param("name");
> my $email = $cgi->param("email");
>
> which works, well, ok. However, on one site, I have about 8 public forms
> and 30 admin forms. Typing all that explicitly is a pain in the ass, and
> it's rife with opportunity to misspell a variable.
>
>
> My way of getting the data is by using
> use CGI qw/:cgi-lib -no_debug/;
> &ReadParse;
> which ends up giving me an %in hash with all the variables in there (eg.
> $in{'name'},$in{'email'}, etc..). Nice benefits:
> I can loop through that hash for security/data sanitization
> Escaping the data for 's for database input
> If I add another field in the form, I don't have to add another
> line to the perl script.
> Error logging: on an error, I do
> foreach $key (sort keys %in) { print "$key ==> $in{$key}\n";}
> which is handy for troubleshooting what your input data is.
>
> I don't seem to ever run into other code that uses this method (an ancient
> and unnamed local perl fanatic taught me this method, I must confess), so
> I'm wondering if I'm missing something fantastically obvious.
>
> Myke
>
> Michael Komarnitsky Komar Consulting Group
> 303.818.3718 http://www.komar.biz
> http://climbingboulder.com
> http://myke.komar.org
> -
>
>
More information about the Boulder-pm
mailing list