[thelist] Perl problem and question

Poojie poojie at dccnet.com
Mon Aug 6 19:40:02 CDT 2001


Matthew Brooks
wrote: -------------------------------------------------

Dwayne <dwayne at iconys.com> wrote:
>
> using CGI.pm for nothing more than
>a redirect is silly, but using _anything_ is better than writing
your own
>form parsing code.

May I ask why? I'm just curious. The form parsing code (i.e. just
the code
that gets the variables passed from the form) that I use is less
than 15
lines, pretty basic stuff. I often just copy and paste it from one
script
to another, so I'm not actually writing the code anew each time.
There's no
overhead from using CGI.pm (however small that overhead may be).

Security is not an issue - of course I use strict, the -w flag, and
taint
mode. Or does CGI.pm go further?

-------------------------------------------------------------------
---------

CGI.pm does more than just parsing the HTTP Header variables; it's
major "feature" is that it allows programmers to remain programmers
(ie: they can stay away from web design, HTML, etc...). More
specifically, CGI.pm provides an interface for creating HTML forms
as well as the controlling the HTTP header (ie: the Content-type,
Location, etc...). Certain routines are pretty useless, such as
this one:

use CGI;
my $q = new CGI;
print $q->header('text/html');

I suppose this functionality is included for the sake of
simplicity, but still... I prefer:

print "Content-type: text/html\n\n";

You can actually create an entire HTML document, complete with meta
tags and so forth, without even typing a line of actual HTML --
useful in certain situations, I suppose, but at a cost. The cost of
overhead.

There is much more to the CGI module of course (including
supporting modules, like CGI::Cookie), but nothing that a
reasonably seasoned Perl hacker couldn't create herself.

The argument comes down to the necessity of the project. If
efficiency is a must (or if you prefer to have complete control
over your interactions with the server or if you just like doing it
the hard way for the sake of learning :]), steer away from CGI.pm .
If, on the other hand, simplicity and quick development time are of
primary concern, by all means use the CGI module.

(btw, I am not aware of any special security capabilities within
CGI.pm)

There is plenty more to say and I am in a hurry as i write this so
I hope what I have written is (somewhat) coherent :]


Daryl





More information about the thelist mailing list