Re^2: html code cleanup via GET

Here is the code I am using the grab my posted data. I got it from some book once upon a time, and have been using it since.

if ($ENV{'REQUEST_METHOD'} eq 'GET') {
        @pairs = split(/&/, $ENV{'QUERY_STRING'});
} elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
        read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
        @pairs = split(/&/, $buffer);
} else {
        print "Content-type: text/html\n\n";
        print "<P>Use Post or Get";
}

foreach $pair (@pairs) {
        ($key, $value) = split (/=/, $pair);
        $key =~ tr/+/ /;
        $key =~ s/%([a-fA-F0-9] [a-fA-F0-9])/pack("C", hex($1))/eg;
        $value =~ tr/+/ /;
        $value =~ s/%([a-fA-F0-9] [a-fA-F0-9])/pack("C", hex($1))/eg;

        $value =~s/<!--(.|\n)*-->//g;

        if ($formdata{$key}) {
                $formdata{$key} .= ", $value";
        } else {
                $formdata{$key} = $value;
        }
}

$yip = $ENV{'REMOTE_ADDR'};
$link = $formdata{'link'};
[download]

Link then prints out the bad link above.

Comment on Re^2: html code cleanup via GET Download Code

Replies are listed 'Best First'.
Re^3: html code cleanup via GET by Happy-the-monk (Canon) on Nov 05, 2004 at 13:44 UTC
While I've seen worse form data parsers, this one doesn't handle multivalues and probably has security issues (although I don't remember why at the moment of this writing). You can avoid this and a lot of cut+paste by using CGI; the following code replaces the one in your post, gaining named features and not losing anything: use CGI; # use the CGI.pm module my $query = CGI->new; # create a CGI object called "$query +" # if you actually need all form data in a hash, # do this: my %formdata = $query->Vars; # get all form data in hash "%formda +ta". # does handle multivalues, although not too well; # see the CGI manual on "multivalue" for more on that topi +c. my $yip = $query->remote_host; # get the remote hostname or address # my $link = $formdata{link}; # one way of getting the link parame +ter. my $link = $query->param('link'); # another way of getting the link pa +rameter. [download] Cheers, Sören	[reply] [d/l]

Replies are listed 'Best First'.

Re^3: html code cleanup via GET
by Happy-the-monk (Canon) on Nov 05, 2004 at 13:44 UTC

While I've seen worse form data parsers, this one doesn't handle multivalues and probably has security issues (although I don't remember why at the moment of this writing).

You can avoid this and a lot of cut+paste by using CGI; the following code replaces the one in your post, gaining named features and not losing anything:

use CGI;                          # use the CGI.pm module
my $query = CGI->new;             # create a CGI object called "$query
+"

            # if you actually need all form data in a hash,
            # do this:
my %formdata = $query->Vars;      # get all form data in hash "%formda
+ta".

            # does handle multivalues, although not too well;
            # see the CGI manual on "multivalue" for more on that topi
+c.

my $yip = $query->remote_host;    # get the remote hostname or address

# my $link = $formdata{link};     # one way of getting the link parame
+ter.
my $link = $query->param('link'); # another way of getting the link pa
+rameter.
[download]

Cheers, Sören

[reply]
[d/l]