#!/usr/bin/perl use CGI; use strict; my $q = CGI->new; my $string = $q->param('content'); # the posted string. $string =~ s/\r?\n$//s; # remove trailing CRLF if ($string =~ /foo/) { # decide what to do depending on input print $q->redirect('http://host.tdl/some/other/uri'); } else { print $q->header,$q->start_html; if($string) { # print "<p>You posted: $string\n"; # <-- bad # what oxone said below - avoid XSS attacs print "<p>You posted: ",$q->escapeHTML($string),"\n"; # <-- be +tter } else { print <<EOH; <form action="/cgi-bin/posttest.cgi" method="POST"> <textarea name="content" cols=40 rows=4>Enter data here. </textarea> <input type="submit" value="Process"> </form> EOH } print $q->end_html; }
update: fixed XSS vulnerability. Thanks, oxone.
--shmem
_($_=" "x(1<<5)."?\n".q·/)Oo. G°\ /
/\_¯/(q /
---------------------------- \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
In reply to Re: simple form post question
by shmem
in thread simple form post question
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |