The "form page that gets user input" and the "validation page" are generated by the same script (and they may even have the same appearance on the client's browser), but they invoke different requests to that script -- they have different cgi parameters -- and the script behaves differently depending on which parameters have been supplied by the client.
From the client's point of view, it goes like this:
-
client sends an http request to the server, using the url for your cgi script, and no parameters.
-
server invokes your script (with no parameters) and this sends the client the html for a blank form.
-
client fills in the form and hits the "submit" button; this sends an http request back to the server, using the url for your cgi script, and this time there are parameters attached (as specified in the form that the script created when it satisfied the first request)
-
server invokes your script again (this time with the form parameters included, as filled out by the client/user)
-
your script uses the new parameter data to validat the user, and if valid, does a redirect, rather than sending any html back to the client.
The point is that your one single cgi script does different things, depending on what the client is requesting. | [reply] |
The form page that wait user input and the validation page is the same page!
I think that this is either a typo, or the crux of your misunderstanding. This script does not wait for the user. It runs once to show the form, and terminates, then again when the user completes the form.
There is no way to have a simple CGI script fetch user input without the user submitting an entirely new request. Your entire first run is long, long terminated by the time the user supplies credentials.
| [reply] |