"Canned" CGI scripts

We all know that most of what is out there for "plug-n-play" CGI scripts are poorly written and possibly dangerous. You don't have to look very far to find people who ignore CGI.pm altogether and would never think to taint-check their data before sending it to a system call.

On the other hand, having gained some knowledge of Perl, I realize that most of these commonly-used form mailers, guestbooks, poll scripts, search engines , etc. would be trivial to write well.

My question is this: has somebody already done this? If I want a web poll program, for instance, is there somewhere where I could find one for free that follows good programming style? I ask because I'm thinking about offering a course on (very) basic web design and wanted to offer the possibility for the students to do some CGI-ish content, but didn't want to expose them to "those" programs... Or do I need to re-invent the wheel (but round this time, and without those big nasty dents in the hubcaps, and the rusty axle just aching to break)?

Comment on "Canned" CGI scripts

Replies are listed 'Best First'.
Re: "Canned" CGI scripts by davorg (Chancellor) on Jun 05, 2001 at 17:23 UTC
london.pm is in the process of writing "dropin" replacements for all of Matt Wright's scripts. Don't know when I'll be in a position to announce more details, but when I am, Perlmonks will be one of the first places to know. -- <http://www.dave.org.uk> "Perl makes the fun jobs fun and the boring jobs bearable" - me	[reply]
Re: "Canned" CGI scripts by footpad (Abbot) on Jun 05, 2001 at 18:33 UTC
Well, I've found merlyn's magazine archive helpful. Consider, for example, his March 2001 WT article. If it's not precisely what you want, it should give you some good ideas to work from. Also, his June and July 2001 Linux Magazine articles may be of interest, though only the code for those is online at the moment. You'll need to do some tweaking, I'm sure, but at least you'll be able to trust the source. Use care, though, in redistributing (or republishing) the stuff you download and borrow. Cite your sources, investigate licensing requirements, and put in original work to make the course you're own. --f	[reply]
Re: "Canned" CGI scripts by merlyn (Sage) on Jun 05, 2001 at 18:33 UTC
Not necessarily so much "canned" but "good starting points" would be my WT columns (along with their siblings). If you have a "common task" that I haven't written about yet, please tell me, and I'll use it for an upcoming column. But I think I've just about covered everything Matt Wright already had. {grin} -- Randal L. Schwartz, Perl hacker	[reply]
Re: Re: "Canned" CGI scripts by Stamp_Guy (Monk) on Jun 06, 2001 at 01:48 UTC
The only thing I ever used of Matt Wright's was his formmail.pl script. Just out of curiosity, what was so bad with his stuff? I'm just wondering...	[reply]
Re: Re: Re: "Canned" CGI scripts by footpad (Abbot) on Jun 06, 2001 at 06:18 UTC
Here are a couple of threads discussing his work: This is not Flamebait Electronic Pricetag Alteration To my mind, you're better off ponying up $35/US for a good book that teaches you how to do things properly from page 1. --f	[reply]
Re: "Canned" CGI scripts by birdbrane (Chaplain) on Jun 05, 2001 at 18:54 UTC
mpolo, In my last job, we used a canned cgi script for doing all cgi's at the University. The way that it worked, was the users would send us the pertinant information, which we would dump into a config file. The user then would build their html page, referencing the formhandler. The data would then be submitted to the formhandler, which would look up the info in the config file and process accordingly. It was nice, because the script was fairly hardended, plus we were able to eliminate rogue/sloppy cgi scripts from being written and propagated. As the script is quite old (written in 96), and very long, I don't want to post it. But if you are interested in seeing the source for reference, /msg me w/ an email address and I can send it to you. Joe bb	[reply]