in reply to Markup::Perl Review / Demo (Basic CGI Shell)

"12 years after release this remains a mature and stable distribution."

It's never passed a build on windows, because of a test which really doesn't make much sense. It is dependant on CGI, which states:

"The rationale for this decision is that CGI.pm is no longer considered good practice for developing web applications, including quick prototyping and small web scripts. There are far better, cleaner, quicker, easier, safer, more scalable, more extensible, more modern alternatives available at this point in time. These will be documented with CGI::Alternatives."

User beware, running user submitted input via backticks

  • Comment on Re: Markup::Perl Review / Demo (Basic CGI Shell)

Replies are listed 'Best First'.
Re^2: Markup::Perl Review / Demo (Basic CGI Shell)
by usemodperl (Beadle) on Jul 04, 2018 at 20:27 UTC
    Thank you for the information marto!

    I looked at that test and ran what it's doing with success on osx. Do you know why that fails on windows? If it has something to do with $^X (from the test) then it might install with force since it's not in the module source.

    Thanks for warning people again about the shell mentioned in the title and pod; you have an eye for danger! It's just a demo and much less powerful than a real shell since it only runs with the privs of the web server. This is a typical single user administrative script for us kids who run perl on our home computers and don't have to worry about the perils of exposing it to the internet.

    I wouldn't use Markup::Perl in production on the net. It's been tested with perlrun under mod_perl and that didn't work but was not persued because, even though any handler can be made to work eventually, it's not necessary since we're not going into production with a hobby module. Frankly I don't care for the rationalizations and considerations (or the policing) that discourage and cripple a legacy core module on CPAN that ~246 distributions depend on (some very popular): https://metacpan.org/requires/module/CGI

    The most recent Perl my review script was tested on: 
    
perl -le'print$^V'
v5.26.2

perl -MCGI -le'print$CGI::VERSION'
4.38
    Markup::Perl can't be run from the command line AFAIK because of that magic but the version here is 0.5.

    STOP REINVENTING WHEELS, START BUILDING SPACE ROCKETS!CPAN 🐪
[reply]

      The test fails because it doesn't know about how to run shell commands on Windows:

       `$perl -e'print 1;'`;

      [download]

      On Windows, the shell only understands double quotes.

[reply]
[d/l]
        Thank you Corion, I missed that. Being the type of person who rummages through error_logs to find new excuses for rewriterules, my mind wonders why someone hasn't fixed that. I don't have perl on windows handy to test if Markup::Perl will work by installing with force.

        STOP REINVENTING WHEELS, START BUILDING SPACE ROCKETS!CPAN 🐪
[reply]
          A reply falls below the community's threshold of quality. You may see it by logging in.
          A reply falls below the community's threshold of quality. You may see it by logging in.

      "If it has something to do with $^X"

      $^X has no issues on windows. As Corion mentions the failure relates to not catering for windows quoting. You said this module "is extremely useful for rapid prototyping", the alternatives listed in CGI::Alternatives are a better choice in this (and in fact every) respect , because it's trivial to rapidly prototype and scale up without throwing away the code, which you'd be doing if you went down your recommended path.

[reply]
      A reply falls below the community's threshold of quality. You may see it by logging in.

In Section Cool Uses for Perl