blank value from text box

jwlarson3rd has asked for the wisdom of the Perl Monks concerning the following question:

I have a form which is sent to a script for parsing in cgi.pm. If either the textbox field or password field is left blank I want to redirect back to the form. The following code gives a internal service error 500 Bad header=Use of uninitialized value in : suid when a blank line is sent to the script from the form.

my $p = new CGI;
my $name= $p->param('name');
my $password=$p->param('password');
my $st=$p->param('state');

$name =~ s/([;<>\*\|`\$!#\(\)\[\]\{\}:'"]@)/\\$1/g;
$name =~tr/\n//d;
$password =~ s/([;<>\*\|`\$!#\(\)\[\]\{\}:'"]@)/\\$1/g;
$password=~tr/\n//d;
if (( $name ne " ")&& ($password ne " ")&& ($st eq "true"))
{
do some stuff
}
else{
redirect back to form
}
[download]

thank you john larson

Comment on blank value from text box Download Code

Replies are listed 'Best First'.
Re: blank value from text box by Roger (Parson) on Feb 07, 2004 at 01:49 UTC
You should add a check after the line `my $password=...`. The quickest fix I can think of is: `my $password = $p->param('password') \|\| '';` [download] That is, if the password is defined, use it, otherwise use an empty string. Another word on your string testing `if ($name ne " ")`, it's better written as: `if ( ($name !~ /^\s$/) && ($password !~ /^\s$/) ... )` [download] Otherwise if $name or $password contains two empty spaces your eq testing will fail.	[reply] [d/l] [select]
Re: Re: blank value from text box by jwlarson3rd (Acolyte) on Feb 07, 2004 at 22:20 UTC
thanks that seems to work regex has always been my downfall. john larson	[reply]
Re: blank value from text box by CountZero (Bishop) on Feb 07, 2004 at 09:56 UTC
You get the "500 Bad header" beacuse your script throws an error which gets send to the webserver before the necessary headers have been generated and the server cannot deal with it. In pre-production code, I like to use `use CGI::Carp qw/fatalsToBrowser warningsToBrowser/;` so in case of an error, at least my browser shows the error itself in a nice way, rather than the Error 500 only and forces you do dig through the web-server's error logs. CountZero "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law	[reply] [d/l]
Re: blank value from text box by CountZero (Bishop) on Feb 07, 2004 at 10:04 UTC
Perhaps a bit off-topic as far as your question is concerned, but why do you use these regexes s/([;<>\\\|`\$!#\[\]\{\}:'"]@)/\\$1/g;? Is it to escape "unsafe" HTML codes? If so, perhaps you can have a look at the escapeHTML* function of the CGI-module. CountZero "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law	[reply] [d/l]
Re: Re: blank value from text box by jwlarson3rd (Acolyte) on Feb 07, 2004 at 21:59 UTC
Thanks I tried that got this Can't locate autoEscape.pm in @INC (@INC contains: /usr/lib/perl5/5.8.0/i386-linux /usr/lib/perl5/5.8.0 /usr/lib/perl5/site_perl/5.8.0/i386-linux /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl .) at insert.cgi line 7. when I did this `use autoEscape();` [download] john larson	[reply] [d/l]
Re: Re: Re: blank value from text box by CountZero (Bishop) on Feb 07, 2004 at 23:48 UTC
escapeHTML is a function of the CGI-module. So if you did a `use CGI;` in your script, you should have the escapeHTML-function available. CountZero "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law	[reply] [d/l]