For an absolute beginner a bad explanation code looks like this: open (FILE, ">$file") or die "Can't write to $file - $!";
It would be more simple to tell them: open (FILE, ">$file"); Then they will understand more easy about how easy is to open a file for writing. After that you can tell about a write permission, tell that this operation might not succeed and it might give an error. You can tell that that error is printed in <STDERR> which is the screen, the web server log file, nohup.out file, etc. You need to explain then how the "or" or "||" work and then you can give the example with the well written code: open (FILE, ">$file") or die "Can't write to $file - $!"; Teddy, Teddy's Center: http://teddy.fcc.ro/ Email: [EMAIL PROTECTED] ----- Original Message ----- From: "Ovid" <[EMAIL PROTECTED]> To: "Octavian Rasnita" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, November 26, 2002 6:10 PM Subject: Re: tutorials --- Octavian Rasnita <[EMAIL PROTECTED]> wrote: > Yes, but a good tutorial for beginners doesn't include all the advanced > things. Yes. > It should be the simplest possible. Yes. > It should be not fully correct for all the cases but simple to understand. Yes. But it should not be wrong. The information presented in CGI101 is simply, flat-out wrong. The course is 1. filled with cargo-cult code 2. bad coding style 3. poor security practices 4. handles file access incorrectly 5. doesn't use strict 6. no warnings 7. no taint checking I don't like to be that harsh about anything or anyone and writer of the course writes well, but the material is simply bad. There's no way to get around that or to justify exposing a new programmer to coding practices that he or she will have to *unlearn*. As for "simple to understand", here's an example taken from Elizabeth Castro's first book. This line is virtually identical to the one from CGI101 (there is only one character of difference between the two). I think this fails the "simple to understand" rule because brand-new programmers cannot tell me what it does, much less what the bug is. $value =~ s/%([a-fA-F0-9] [a-fA-F0-9])/pack("C", hex($1))/eg; > The reason most people that want to start programming in Perl change their > mind and use another programming language like PHP, or ASP, etc, is that > most examples are very complicated. Complicated? Here's a *good* way to grab form values: use CGI qw(:standard); my $first_name = param('first name'); my $last_name = param('last name'); my @colors = param('colors'); my $email = param('email'); That is not complicated. That is not even remotely complicated. You can compare that with the broken code from the CGI101 course and see that the above is *much* easier. As an added bonus, it works. The CGI101 code will fail to handle that for many reasons. I suppose we could argue that it's okay to let someone use poorly written, dangerous code on just their own box. Of course, the first time their box gets hacked as a result, they're going to be miserable. I've found plenty of examples of programmers using CGI101 style techniques who leave their boxes wide open to any attacker as a result. Of course, if they follow advice presented in my course, or in any of the (relatively few) excellent books on the subject, this is much less likely. Cheers, Ovid ===== "Ovid" on http://www.perlmonks.org/ Web Programming with Perl: http://users.easystreet.com/ovid/cgi_course/ Silence Is Evil: http://users.easystreet.com/ovid/philosophy/decency.txt __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
