[boulder.pm] ok, I've got a perl question

Luke Palmer fibonaci at babylonia.flatirons.org
Fri Jun 21 03:05:22 CDT 2002


On Fri, 21 Jun 2002, Myke Komarnitsky wrote:

> This is more stylistic I think than syntactical.... but here goes.
> 
> Most of my perl work is for web sites - databases, forms, cgi, etc... often
> of the time, inputted data is being put in a mysql database.  Thus, you have
> to parse and prepare the user's data.
> 
> Silly and obvious question:  how do YOU go about getting the user data?

Me?  Oh, I use PHP (holds head in shame).  PHP is a lot easier if you 
don't need to do any text processing; i.e. you're just getting variables 
and sticking them in a database.  If, however, I _do_ need to use Perl 
(often enough), I use the kind of thing I said in my last reply:

my %input = map { ($_ => $cgi->param($_)) } $cgi->param();

It's elegant, and it confuses those who aren't perl fluent, something I 
always go for.  Is ReadParse builtin?  I didn't know about it, but I 
usually don't like other people's subs populating globals for me.

> every perl example I see has the OO style, eg.
> 	use CGI;
> 	$cgi = new CGI;
> 	my $name = $cgi->param("name");
> 	my $email = $cgi->param("email");
> 
> which works, well, ok.  However, on one site, I have about 8 public forms
> and 30 admin forms.  Typing all that explicitly is a pain in the ass, and
> it's rife with opportunity to misspell a variable.

Yeah, OO's stupid, when you only have one O.  But, say you wanted to parse 
data from _two_ GET requests simultaneously (what?).  But I use OO anyway, 
hypocritically, I guess.
 
> 
> My way of getting the data is by using
> 	use CGI qw/:cgi-lib -no_debug/;
> 	&ReadParse;
> which ends up giving me an %in hash with all the variables in there (eg.
> $in{'name'},$in{'email'}, etc..).  Nice benefits:
> 	I can loop through that hash for security/data sanitization
> 	Escaping the data for 's for database input
> 	If I add another field in the form, I don't have to add another
> 	line to the perl script.
> 	Error logging: on an error, I do
> 	foreach $key (sort keys %in) { print "$key ==> $in{$key}\n";}
> 	which is handy for troubleshooting what your input data is.
> 
> I don't seem to ever run into other code that uses this method (an ancient
> and unnamed local perl fanatic taught me this method, I must confess), so
> I'm wondering if I'm missing something fantastically obvious.

Nah. It's just ugly.  Those of us with "good programming habits" (who are 
we kidding?) don't do things like use global variables as parameter 
passing, other than Perl's very own punctuation variables, heh.  Hey, when 
you're not writing maintainable code, I say, do what's the quickest to 
type.

Luke




More information about the Boulder-pm mailing list