I've written my own blogging software in Perl, and I'm kind of quietly proud of it.

It has features like comments, file uploads and a search engine as well as posting and editing and HTML shortcuts in QuickEdit format.

I couldn't have done it without the Monks. I'm not worthy.

Anyway, a friend of mine asked if she could have the script, and it was at that moment I realised that it was still full of hacks and had no interface.

For instance, there's a create button but no delete button for posts. I delete so rarely I just log in and delete it with FTP.

But more importantly, if I was going to let other people who aren't just more Perl hackers use it, I'd need to do a couple of things:

  1. Make it easy for people to install.
  2. Build an interface for preferences, like date formats, posts-per-page and so on, that I currently just change by editing Perl variables.
  3. Store those preferences somewhere so that a user can just check a box and save.
  4. Worry about things like Taint, which I don't fully understand.

So, I throw myself on the mercy of the Monks.

What's the best way to store the prefs for an online application? I'm guessing you guys would use a tied hash of some sort?

What things do I have to worry about when it comes to security?

All my script does, in terms of security, is write posts into a certain folder which is world-writable, then read them back again. There's one script for display and another for create/edit, which is in a password-protected directory.

And how does one go about setting up an install for something like this to make it as easy as possible? The very easiest thing would be for them to install and set permissions on one script, which would then figure out things like the path and create the necessary folders and so on.

I'd be grateful for any help. I'm really just asking the questions because, I'll happily admit, I've never tried to do CGI programs professionally at all, just hacked them together and made them work.
--

($_='jjjuuusssttt annootthhrer pppeeerrrlll haaaccckkeer')=~y/a-z//s;print;

In reply to Moving A Web Application From Hacky To ... Less Hacky by Cody Pendant
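The post mentions taint mode and a design that writes posts into a folder from a CGI script. As an added example (not the poster's code and not part of the original thread), this sketch shows how a post id from a request could be untainted with an allowlist before it becomes a file name. `$POSTS_DIR`, `post_path()` and `save_post()` are hypothetical names, and the directory is an assumed location.

```perl
#!/usr/bin/perl -T
# Added example; run as "perl -T script.pl" or as an executable CGI.
# $POSTS_DIR, post_path() and save_post() are hypothetical names.
use strict;
use warnings;
use File::Spec;
use Fcntl qw(O_WRONLY O_CREAT O_TRUNC);

# Under -T, pin PATH and drop environment variables the script does not need.
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

my $POSTS_DIR = '/var/www/blog/posts';   # assumed location

# Map an untrusted post id to a file path, or return nothing.
# The regex capture is what untaints the value, so it must be an
# allowlist: letters, digits, '_' and '-', 1 to 64 characters.
# \A and \z (not ^ and $) also reject a trailing newline.
sub post_path {
    my ($id) = @_;
    return unless defined $id;
    return unless $id =~ /\A([A-Za-z0-9_-]{1,64})\z/;
    return File::Spec->catfile($POSTS_DIR, "$1.txt");
}

# Write a post body; refuses any id that fails validation.
sub save_post {
    my ($id, $body) = @_;
    my $path = post_path($id) or return 0;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_TRUNC, 0644) or return 0;
    print {$fh} $body;
    return close($fh) ? 1 : 0;
}

# Constructed sample ids: the first is accepted, the rest are rejected.
for my $id ('2004-03-01_hello', '../../etc/passwd', 'a/b', "ok\n", '') {
    my $p = post_path($id);
    (my $shown = $id) =~ s/\n/\\n/g;
    printf "%-20s => %s\n", "'$shown'", defined $p ? $p : 'REJECTED';
}
```

With `-T` enabled, passing an id straight from the request into `sysopen` would die with an "Insecure dependency" error, which is the check that forces the validation step above.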
