Dynamically creating a filename from HTML/CGI

OEMike has asked for the wisdom of the Perl Monks concerning the following question:

I want to create a HTML/CGI Script, so that when a user logs on, a interm file is created which keeps basic information about that user until they log off. The filename is going to be created using the username and pin number, after logoff I would unlink it, the question is, will HTML let me do this through PERL CGI and is this a security issue? I'd have to open CHMOD the directory that the file will be created in..

Comment on Dynamically creating a filename from HTML/CGI

Replies are listed 'Best First'.
Re: Dynamically creating a filename from HTML/CGI by rob_au (Abbot) on Jul 16, 2002 at 23:49 UTC
What you are looking for by the sound of it is sessions - That is, the ability to store basic information about a HTTP client for the duration of their visit to the web site, over the essentially stateless HTTP-CGI protocol. There are a number of existing frameworks which should make this job a lot easier for you - These include CGI::Session, CGI::MxScreen and Apache::Session (my personal favourite). I would recommend having a look at what these excellent modules can offer with regards to your basic data storage and sessional requirements before creating more work for yourself and re-inventing the wheel.	[reply]
Re: Dynamically creating a filename from HTML/CGI by DamnDirtyApe (Curate) on Jul 16, 2002 at 23:54 UTC
What you are attempting to accomplish is handled quite nicely by the Apache::Session module, available on CPAN. That said, yes, you can create a file from a CGI script. And yes, there are security implications. Use taint checks, and don't do anything silly (eg. letting unchecked user input near a shell.) _______________ D a m n D i r t y A p e Home Node \| Email	[reply]
Re: Dynamically creating a filename from HTML/CGI by Cine (Friar) on Jul 16, 2002 at 23:50 UTC
I would suggest you look at Cache::Cache to solve your problem. T I M T O W T D I	[reply]