[thelist] Perl problem and question

Matthew Brooks m at pleonasm.com
Tue Aug 7 11:57:11 CDT 2001


"Poojie" <poojie at dccnet.com> wrote:

> You can actually create an entire HTML document,
> complete with meta tags and so forth, without even
> typing a line of actual HTML

Isn't this a problem, though? I presume CGI.pm outputs its HTML in a
certain way, but what if you want it another way? For example, what if you
want it to be XHTML-compliant? Does it allow this?

> If efficiency is a must (or if you prefer to have
> complete control over your interactions with the
> server or if you just like doing it the hard way
> for the sake of learning :]), steer away from CGI.pm.

Well, that's just it, I guess; I *do* like doing it the hard way, figuring
it out myself, to learn. I have to know what it is doing, and how. That's
why I was disappointed with O'Reilly's "Perl Cookbook," which for the most
part shows you which modules to use, rather than showing pure code and
analyzing it line by line, which I would have greatly preferred. Oh well.

Dwayne <dwayne at iconys.com> wrote:

> as far as security goes, one thing most hand rolled
> url decoding routines i've seen don't do is check
> how much data is being uploaded. if you're not checking
> the size of what's being fed to your form, some malicious
> individual can try to upload a bigger file than the
> server can handle.

That's a very interesting point, something I'll add to my code asap. Thanks.

> if anyone else is going to have to maintain your scripts,
> knowing that they use a standard library is a great help.
> i know what $CGI->param() does, but if i come across
> %form = parseURL($url), i'll want to check the code. a
> similar argument applies if you're working with others.

Granted, but that's also what commenting is for. I comment absolutely
everything in great detail, not just for other people, but also because my
own memory is so bad.  :)

> today, you're script only needs to handle form parsing. what
> if you expand it, and you need to parse mulitpart/form data,
> or set cookies?

Very true; I wouldn't like to have to try to write a script to handle
mutipart form data. In this case I would probably turn to a module - just
not right now, for the simpler stuff.

> cutting and pasting a bit of code into a script doesn't seem
> like a lot of work, but it can lead to maintainance problems.
> what if you find a bug in it?

A good point too; at the moment, though, I don't have it in that many
places, but I do see how it could be a problem.

Thanks for all your thoughts. This is real interesting; I should go try use
CGI.pm to see how I like it.

Matt





More information about the thelist mailing list