in reply to Inserting a Value

If possible, you want to interpolate those values before putting them in %FORM. However, if that's not possible, you want eval. Warning:: this is a very, very dangerous technique. Handled incorrectly, you could easily cause a lot of damage to your system.

If you tell us how you are populating %FORM, we can probably help plug some of those security holes. I'm assuming you're getting the data from an HTML form. If so, read through my CGI course for some good security information (see link below).

Cheers,
Ovid

New address of my CGI Course.
Silence is Evil (feel free to copy and distribute widely - note copyright text)

Replies are listed 'Best First'.
Re: Re: Inserting a Value
by lisaw (Beadle) on Apr 17, 2003 at 18:48 UTC
    Hi Ovid, thank you for your reply. The value for $name is already set. I'm just trying to figure out how to get the script to recognize and insert the preset $name value within the $body content.
[reply]
      Sounds like you want a templating system.

      Check out these modules. All 3 are excellent.:

    • Template Toolkit.
    • HTML::Template
    • HTML::Mason

      How you would use Template Toolkit:
      Create a template 'my_template.tmpl': 

      <html>
...
    <body>
      Hello [% name %], how are you today
    </body>
</html>

      [download]

      Your perl code:

      #!/usr/bin/perl -w
use strict;
use Template;
my $file = 'my_template.tmpl';
my $vars = {
       name  => "Schmidy"
    };
my $template = Template->new();
$template->process($file, $vars)
    || die "Template process failed: ", $template->error(), "\n";

      [download]

      You get to seperate your presentation from your code. No more digging through html in your perl code.

      grep
      Mynd you, mønk bites Kan be pretti nasti...

[reply]
[d/l]
[select]
[reply]
[d/l]

In Section Seekers of Perl Wisdom