jcpunk has asked for the wisdom of the Perl Monks concerning the following question:

How does one check to see if a script was passed data from a web form via the post method. I have got it checking for command line paramaters, but I need to know if the web form that I built for the users is passing it data. There are 3 possible ways that the script can be called and for the sake of brevity I am not posting the code, but the three methods are:

passed command line arguments
called initially from the web (the script both draws the form and does the grunt work, this is the form drawing phase)
passed data off of the post statement (this is the grunt work phase)

so does anyone know how this setting is checked for?

Replies are listed 'Best First'.
Re: Detecting a post via cgi
by fireartist (Chaplain) on May 28, 2003 at 14:44 UTC
    Use the CGI module.
    To retrieve parameters sent to the script, do: 
    use CGI;
my $q = new CGI;
my %param = $q->Vars;

    [download]
    To check whether the params were sent via POST, do: 
    my $method = $q->request_method();

    [download]
    which should give either 'POST', 'GET' or 'HEAD'.
[reply]
[d/l]
[select]

      ... or nothing, if the script was called from the command line.

[reply]
Re: Detecting a post via cgi
by cbro (Pilgrim) on May 28, 2003 at 14:44 UTC
    1. `perldoc CGI`
    2. See if $ENV{QUERY_STRING} is defined or ne "".
    3. 
    use CGI;
use strict;
my $cgi = new CGI;
my $param1 = "";
$param1 = $cgi->param('textboxonform');
if ($param1 ne "") {
    #There was data passed from Post/Get
}

    [download]
    4. If you are going to use the CGI parameters for anything...do not manually parse the QUERY_STRING. I put that option (#2 above) JIC you only want to know, "Was this script loaded from a Post/Get?"
    UPDATE:
    5. And if you really want to know which method of parameter passing was used...see fireartist's post above that reads, "my $method = $q->request_method();"
[reply]
[d/l]

      A somewhat cleaner way of doing what you accomplish:

      my $param = $cgi->param('foo') || '';
if ($param) {
   #...
}

      [download]

      Or, if you always untaint your variables:

      my $_param  = $cgi->param('foo') || '';
my ($param) = $_param =~ /^($some_regex)$/;

      [download]

      Cheers,
      Ovid

      New address of my CGI Course.
      Silence is Evil (feel free to copy and distribute widely - note copyright text)

[reply]
[d/l]
[select]
        Very true Ovid. I'm a C programmer...cut me some slack ;o). Seriously though...that's a nice space saver, and I will change my Perl methodology to reflect that 'cleaner' way of instantiation. I post some help to somebody and get help back. Yes, this is a great site.
[reply]
      Thanks for the information, but I am unable to get the QUERY_STRNG to be other then "", any thoughts
      my @referers;
my $referers;
. . .
    if ($ENV{QUERY_STRING} ne "") {
        if ($ENV{'HTTP_REFERER'}) {
            foreach $referer (@referers) {
                if ($ENV{'HTTP_REFERER'} =~ m|https?://([^/]*)$referer
+|i) {
                 &begin_data_parse;
                }
            }
        }
        else { 
            print "</b>Data Passed Failed Source Check</b>";
        }
    }
    else {
            &form;
    }

      [download]
      it just keeps calling &form......
[reply]
[d/l]
        Put QUERY_STRING in quotes just as you did with HTTP_REFERER.
[reply]
Re: Detecting a post via cgi
by nite_man (Deacon) on May 28, 2003 at 15:13 UTC
    There are some methods to do this:
    1) check $ENV{REQUEST_METHOD}: 
    if($ENV{'REQUEST_METHOD'} eq 'GET') { $query=$ENV{'QUERY_STRING'} }
elsif($ENV{'REQUEST_METHOD'} eq 'POST') {  sysread STDIN,$query,$ENV{'
+CONTENT_LENGTH'} }
else { print 'Unsupport method: '.$ENV{'REQUEST_METHOD'}.'!!!'; }

    [download]
    2) use module CGI: 
    use CGI;

my $q = CGI->new();

if(defined $q->param('submit')) {
    my $user = $q->param('user_name');
    my $pass = $q->param('user_password');
} else {
    print "Content-type: text/html\n\n";
    print <<END;
    <table>
    <form method='POST'>
        <tr><td>User name:</td><td><input type='text' name='user_name'
+></td></tr>
        <tr><td>Password:</td><td><input type='password' name='user_pa
+ssword'></td></tr>
        <tr><td colspan=2><input type='submit' name='submit' value=' L
+ogin '></td></tr>
    </form> 
    </table>
END
}

    [download]
    3) Embperl keeps all passed data into hash %fdat, and it doesn't matter what method is used in your form.
    4) Mason keeps all passed data into hash %ARGS or you can define needed data in the block of code <%ARGS></%ARGS> and it doesn't matter what method is used in your form.
    If you develop small script, in my mind, it's better to use CGI.pm or manual processing of form data. But if you develop site or huge web application it's better to embed Perl using Embperl, Mason or another tool. Because it makes easier developer's life appreciably. 
          
--------------------------------
SV* sv_bless(SV* sv, HV* stash);
[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom