This is a key concept for both projects. I'll review some sample code on the whiteboard.
When processing TEXTAREA form inputs, you'll need to do a search and replace on "control-M" characters (if you're using CGI.pm, it will not take care of this for you). This is most relevant to the Calendar Project, since the "description" field for an event should be a TEXTAREA field. Control-M's are included along with the "\n" linefeed character by some browsers when a form is submitted. They can ruin the format of your text data file if you don't remove them, as they may be interpreted as linefeeds (your results will vary on different operating systems). To avoid any problems, do a search and replace as follows:
$input =~ s/\cM//g;
From there, you'll want to remove all carriage return and newline characters too, as they also can ruin the format of your data file. You'll probably want to replace them with a space, like this:
$input =~ s/\n/ /g; $input =~ s/\r/ /g;
The Digital Camera Shopper project is a good example of a CGI application that requires you to maintain "state." This means that it's important for your application to keep track of users and tell them apart from each other as they go from page to page. A good solution is to use cookies. Cookies also have another use, which we'll discuss in a few minutes.
The CGI.pm module provides some built-in functions to help you use cookies. We're going to look at a tutorial on another site to see how this is done. Before we go to that, we need to first look at how its author uses the CGI.pm module. In an earlier lecture I mentioned that there are two different ways to invoke CGI.pm: the function-oriented method and the object-oriented method. So far we've used the function-oriented method. Let's review the function-oriented method and also learn about the object-oriented method, since the cookie tutorial uses the object-oriented method.
Now here's the cookie tutorial: How to Use Cookies.
There are a couple points made in the tutorial that I'd like to emphasize:
If you have a Netscape browser, you can view your cookie information in Netscape's cookies.txt file. If you have Internet Explorer on Windows 95/98, you'll find your cookies in a subdirectory of the Windows directory called "cookies". On Windows NT, each user account has its own "cookies" directory under the WINNT/Profiles directory.
Here's a practical example of using a CGI environment variable. One thing you'll probably want to avoid is having the whole world take advantage of your CGI scripts. You can do this by checking the HTTP_REFERER, which indicates the name or IP address of the server that's referring the user to your script. If they're coming from a form other than yours, you can refuse their access. Here's a portion of a Perl script that does this:
# use @referers to define acceptable referrers.
@referers = ('www.georgetown.edu','georgetown.edu','141.161');
# Check the referring URL to make sure it is valid.
foreach $referer (@referers) {
if ($ENV{'HTTP_REFERER'} =~ /$referer/i) {
$check_referer = 1;
last;
}
}
if ($check_referer != 1) {
print "Content-type: text/html\n\n";
print <<"end_tag";
<HTML>
<HEAD>
<TITLE>Access Error</TITLE>
</HEAD>
<BODY>
<P><B>Access Error: the form that is trying to use this CGI script is not allowed access to this cgi script. If your domain is not part of <I>georgetown.edu</I>, then you are not allowed access to this CGI script.
</BODY>
</HTML>
end_tag
exit;
}
Perl is a freely distributed, open source language. This means that anyone can work on additions or fixes to Perl. The actual Perl distribution is maintained by a core group of programmers who accept or reject changes that have been submitted from the Perl community.
Programmers in the the Perl community also build and freely distribute Perl modules. These modules are not reviewed or modified by any central authority, so their quality varies.
Members of the Perl community also create FAQs to help new Perl programmers, and participate in forums to ask and answer questions about Perl.
Below are links to some of the Perl resources on the Internet: