BTW, this is one of the main reasons why I encourage the use of CGI.pm for producing HTML output (not just for interpretting CGI parameters). Just in the code for PerlMonks, quite a large number of bugs can be blamed on not using CGI.pm (I've seen many introduced when code was converted to not use CGI.pm, I've seen many fixed when code was converted to use CGI.pm, and there are at least a few still present that I hope to fix by using CGI.pm).
Not that CGI.pm's generation of HTML is perfect. Having radio_group() call escapeHTML() on the labels is simply a mistake and I'm not a big fan of what end_form() does. And the most common mistake I see made is people not specifying force=>1 when they should.
But I suspect that you've only noticed this bug in one place and that you likely have the same bug in several other places. And knowing how to escape a value in some parts of HTML can be rather tricky. But the biggest problem appears to me to be that people simply don't think about having to escape values and just include them unchanged into their HTML and that often works (and sometimes you should not escape things). So I consider generating HTML with CGI.pm to be a good habit (in situations where a better habit isn't being used).
- tyeIn reply to Re: HTML Problem getting entities into a textarea (CGI.pm)
by tye
in thread HTML Problem getting entities into a textarea
by muad33b
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |