html form not working

Becky has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I've got a cgi script that creates a button on a webpage. When the button is pressed the form info is sent to another script. The button is created as follows:

print qq{<form action='/cgi-bin/opal/display_seview.cgi' method='post' target='new'>
<input type='hidden' name='text' value='$joined'/>
<input type='hidden' name='header' value='$query'/>
<input type='hidden' name='sequence' value='$whole_sequence'/>
<input type='submit' value='View Applet in new window'/></form>

};

The problem is with the variable $joined. When I view the source of the page I see that the end of input type tag, "/>, has been inserted before the end of the string in $joined. I've tried putting double quotes around the variables (with backslashes in front of them) but to no avail. Any ideas why this is happening? Thanks!

Comment on html form not working

Replies are listed 'Best First'.
Re: html form not working by kyle (Abbot) on Jan 18, 2007 at 11:53 UTC
I'm not sure what's going on, from your description, but I'm guessing you need to escape what's in `$joined`. CGI has an `escapeHTML` function that would help with that. `use CGI; print qq{<form action='/cgi-bin/opal/display_seview.cgi' method='post' + target='new'> <input type='hidden' name='text' value='@{ [ CGI->escapeHTML($joined) +] }'/> <input type='hidden' name='header' value='@{ [ CGI->escapeHTML($query) + ] }'/> <input type='hidden' name='sequence' value='@{ [ CGI->escapeHTML($whol +e_sequence) ] }'/> <input type='submit' value='View Applet in new window'/></form> };` [download] I'd probably use the the function available for making hidden fields, though: `use CGI; print qq{<form action='/cgi-bin/opal/display_seview.cgi' method='post' + target='new'>}; print CGI->hidden( 'text', $joined ); print CGI->hidden( 'header', $query ); print CGI->hidden( 'sequence', $whole_sequence ); print qq{<input type='submit' value='View Applet in new window'/></for +m>};` [download] `CGI->hidden` does the escaping for you (at least when I tried it).	[reply] [d/l] [select]
Re^2: html form not working by Becky (Beadle) on Jan 18, 2007 at 12:35 UTC
The cgi escape method worked perfectly thanks!	[reply]
Re: html form not working by shmem (Chancellor) on Jan 18, 2007 at 11:45 UTC
What does `$joined` contain at that time? Perhaps you want to send that to STDERR and have a look into the server error log. For printing, there's also here-docs: `print <<"EOF"; <form action='/cgi-bin/opal/display_seview.cgi' method='post' target=' +new'> <input type='hidden' name='text' value='$joined'/> <input type='hidden' name='header' value='$query'/> <input type='hidden' name='sequence' value='$whole_sequence'/> <input type='submit' value='View Applet in new window'/></form> EOF` [download] But anyways, as you're using CGI, you could build the form with CGI's methods - or grab CGI::FormBuilder. --shmem _($_=" "x(1<<5)."?\n".q·/)Oo. G°\ / /\_¯/(q / ---------------------------- \__(m.====·.(_("always off the crowd"))."· ");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}	[reply] [d/l] [select]
Re: html form not working by ferreira (Chaplain) on Jan 18, 2007 at 12:03 UTC
As shmem said you need to have a look at what `$joined` contains. You may dump it somewhere in generated HTML by using something like: `use CGI 'escapeHTML'; # needs to import &escapeHTML somewhere print <<HTML; <pre> @{[escapeHTML($joined)]} </pre> HTML` [download] The CGI function `escapeHTML` will escape special HTML characters (like < and >) and `pre` tag will outline them. You may want to use the same trick `@{[escapeHTML($joined)]}` to interpolate safely escaped variables in the generated page.	[reply] [d/l] [select]