Re: making perl scripts play nicely together

I have a feeling that if it weren't for shopping cart scripts, the Internet bubble woldn't have occured, Venture Capital firms would have nowhere to put their money, and 50% of the high tech workforce would be working at the local Wal Mart. Maybe that's just me being cynical.

Anyway, it's not entirely clear what you are working with, or what you are trying to achieve. If you want to put something into a URL, you can change the HREF of a given object dynamically, or even have an HREF that is of the "javascript:" variety. Either way, you are doing something wierd if the client has to figure out the URLs.

It might be better to do the calculations in parallel on the server instead of trusting the client to send data back to you. Imagine someone figured out what you were doing and made a page something like:

<INPUT TYPE=hidden NAME=item_1_id    VALUE="XB17 Hovercraft">
<INPUT TYPE=hidden NAME=item_1_price VALUE="$250,000">
<INPUT TYPE=hidden NAME=total        VALUE="$5.99">
[download]

You can imagine how bad that would look on the quarterly report.

If you want to do calculations on the client, go right ahead, but don't send these values back to the server and use them without checking. Remember that data that comes in from the client is guilty until proven innocent. You never know what those crazy users are going to do.

Comment on Re: making perl scripts play nicely together Download Code

Replies are listed 'Best First'.
Re: Re: making perl scripts play nicely together by strfry() (Monk) on Jul 03, 2001 at 17:32 UTC
haha no, i was very unclear apparently. the calculations aren't done client-side; the formatting (regex) is though; the URL is static, i want it to to say `http://www.yahoo.com/cgi-bin/perl.cgi?` i just want the price to be reformatted from $1.99 to 1.99, for example. or from jkadhsjaa$.99 to .99, if you see what i'm doing. (stripping all but numbers and dots from price variable) the transaction is already processed, all that the user could fool with is a secondary logging system (i mean, if they feel that they have the spare time to fool a survey system, more power to them.) i just want to get the variable that i've regexed to appear within a tag like: `<IMG SRC="http://www.google.com/perl.cgi?amount=newstr">` just that, and nothing more. to be more concise, this is exactly what i want it to do: `<SCRIPT LANGUAGE="JavaScript"> var re = /([^\d\.]+)/g; var str = "FINAL_SUBTOTAL"; var newstr = str.replace(re, ""); <IMG SRC="https://www.google.com/perl.cgi?amount=newstr"> </script>` [download] see what i'm trying to do? just making the "newstr" value be automated; i just can't figure out how javascript returns (actually, writes) a variable to a page. in perl, i'd be doing this: `my $str = $other_scripts_input; my $newstr; $newstr =~ s/([^\d\.]+)/g; print "<img src=\"http://www.someurl.com/perl.cgi?amount=$newstr\">";` [download] but as i've said, i've not been given the time (at the moment) it takes to modify someone else's brainchild ): i do appreciate all help given. (you see, this is really a temporary workaround until i'm granted the time to modify their perl script and do it the right way) strfry	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re: Re: making perl scripts play nicely together
by strfry() (Monk) on Jul 03, 2001 at 17:32 UTC

http://www.yahoo.com/cgi-bin/perl.cgi?

<IMG SRC="http://www.google.com/perl.cgi?amount=newstr">

<SCRIPT LANGUAGE="JavaScript">
var re = /([^\d\.]+)/g;
var str = "FINAL_SUBTOTAL";
var newstr = str.replace(re, "");
<IMG SRC="https://www.google.com/perl.cgi?amount=newstr">
</script>
[download]

my $str = $other_scripts_input;
my $newstr;
$newstr =~ s/([^\d\.]+)/g;
print "<img src=\"http://www.someurl.com/perl.cgi?amount=$newstr\">";
[download]

strfry

[reply]
[d/l]
[select]