--- Abel Lucano <[EMAIL PROTECTED]> wrote:
>
> Hi everyone,
>
> why this doesn't pass $username and $password to checkuser.cgi script??
> when the form is filled out I only see
>
> http://external-server/cgi-bin/checkuser.cgi?user=$usuario&pass=$contrasena
>
> and $usuario it's not replaced by param('username'), etc
>
> Any advice will be very appreciated,
>
>
>
1 #!/usr/bin/perl
2
3 use CGI;
4 use CGI::Carp 'fatalsToBrowser';
5
6 $q = new CGI;
7 print $q->header,
8 $q->start_html({bgcolor=>"white"}, 'Check users'),
9 $q->h1('Check users'),
10 $q->br,
11
$q->start_form(-action=>'http://external-server/cgi-bin/checkuser.cgi?user=$usuario&pass=$contrasena'),
12 $q->h3('type user name'),
13 $q->textfield(-name=>'username', -size=>20),
14 $q->p(),
15 $q->h3('type user password'),
16 $q->password_field(-name=>'passwd', -size=>20),
17 $usuario = $q->param('username'),
18 $contrasena = $q->param('passwd'),
19 $q->p(),
20 $q->submit(-name=>'Check'),
21 $q->end_form, $q->hr,
22 $q->end_html;
There are a few problems with your script.
First, as mentioned earlier, Perl will not interpret values in strings in single
quotes. You'll
need double quotes.
Second, you have not assigned values to those variables (lines 17 and 18) until
*after* you tried
to use them (line 11). Had you used 'strict', you would have been warned about trying
to use a
global variable without an explicit package name.
Third, if your variable contain character with special meaning in a query string, then
the
resulting 'action' attribute will have problems. You need to escape those characters
with
URI::Escape. Try this:
#!/usr/bin/perl -wT
use strict;
use CGI;
use CGI::Carp 'fatalsToBrowser';
use URI::Escape;
my $q = new CGI;
my $uri_chars = "\0-\377";
my $usuario = uri_escape( $q->param('username'), $uri_chars );
my $contrasena = uri_escape( $q->param('passwd'), $uri_chars );
print $q->header,
$q->start_html({bgcolor=>"white"}, 'Check users'),
$q->h1('Check users'),
$q->br,
$q->start_form(-action=>"http://external-server/cgi-bin/checkuser.cgi?user=$usuario&pass=$contrasena";),
$q->h3('type user name'),
$q->textfield(-name=>'username', -size=>20),
$q->p(),
$q->h3('type user password'),
$q->password_field(-name=>'passwd', -size=>20),
$q->p(),
$q->submit(-name=>'Check'),
$q->end_form, $q->hr,
$q->end_html;
The $uri_chars variable will cause *everything* to be uri_escaped. If you only want
to escape
those characters that might pose a problem in the URL, try the following line:
my $uri_chars = '\x00-\x29\x2b\x2c\x2f\x3a-\x40\x5b-\x5e\x60\x7b-\xff';
Cheers,
Curtis Poe
=====
Senior Programmer
Onsite! Technology (http://www.onsitetech.com/)
"Ovid" on http://www.perlmonks.org/
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/
