in reply to Re^2: HTML Template
in thread HTML Template

> How do we ensure that the server will do it's job right
> not to confuse the two users - it's a shared server.

You have to do this, not the server. Imagine user A is looking at a web page. On that web page, it says, "Hello user A", which is a result of a template, say, welcome.tmpl, which says "Hello user <TMPL_VAR USERNAME>", which, in turn, is filled by a script, say, query.cgi, which queries a data store $tmpl->param(USERNAME => $self->getuser).

Since query.cgi was called by user A, which caused welcome.tmpl to be filled with the retrieved values and sent back to user A, user B can never see what user A requested. This is because the web is stateless. One query does not know from another, even from the same user, let alone from different users. Unless...

Unless, user A is requesting something that is held in the server's memory. This is where things get screwy. This is where the concept of sessions comes in. Somehow, you, the programmer, has to ensure that the web server "remembers" who is requesting what. The web server can't do that on its own. You have to do something to make this happen. An excellent way to do that is by using a module such as CGI::Session, or CGI::Application::Plugin::Session, essentially a wrapper around the former.

Using sessions, you utilize a cookie (or a URI parameter) to make one request be connected to a previous request. Then you utilize that connection to make sure you are getting the correct data back for the user that has requested it.

--

when small people start casting long shadows, it is time to go to bed

Replies are listed 'Best First'.
Re^4: HTML Template
by Anonymous Monk on Jun 14, 2010 at 00:09 UTC
    Many thanks :)

    I don't know whether I'm doing it correctly. I've a template page named form.tt. On this template, I've a template variable "key" (<TMPL_VAR key>). When a user A requests the page, the template variable is filled with a random MD5 hash. For illustration, here's the tear-down code: 
    use CGI;
our $q = new CGI;
sub do_form {
    my $href;
    $href->{key} = md5_hex(time() . '-' . $$ . '-' . rand());
    to_template(
        output => $href,
        tmpl   => 'form.tt'
    );
}

sub to_template {
    my %hash = @_;
    print $q->header;
    require Template;
    my $template = HTML::Template -> new(filename => "/templates/$hash
+{tmpl}");

    $template->param(map { defined $hash{output}->{$_} ? ($_ => $hash{
+output}->{$_}) : () } keys %{$hash{output}});
    print $template->output;
}

sub process_form {
    my $params = $q->Vars;
    debug($params->{key});
}

    [download]
    Assume users A and B access the form at the same time, both should get a different key set on their respective form. Am I right?

    Now A and B submit the form at the same instant, does the variable $params->{key} hold the right value of each user? Is it possible for user B's submission to get the value of A's key?
[reply]
[d/l]
      Now A and B submit the form at the same instant, does the variable $params->{key} hold the right value of each user? Is it possible for user B's submission to get the value of A's key?

      No. Since you are not getting the value of $params->{key} from the memory of the server on which your application is running, but instead, your user is passing the value back to the server, every user is passing a unique, user-specific value. In other words... your script.cgi creates a random value of the key, sends it to user A in a form and user A sends that value back to script. Similarly, the script.cgi creates another random value of the key, sends it to the user B, who sends that value back to the script. Both users get different values. There is no clash whatsoever.

      Read up on sessions, and everything will be clear.

      --

      when small people start casting long shadows, it is time to go to bed
[reply]
[d/l]
        Does it matter that the variable $q (a CGI object) is declared with "our" rather than "my"? This variable is exported and used in other modules.
[reply]

In Section Seekers of Perl Wisdom