Curtis Poe wrote:
>
> There are a number of problems with your code snippet, but syntax is not one of
>them. If it is
> indented properly to show scope, you can quickly see that the curly brackets are
>fine:
>
> sub Parse
> {
> my $buffer;
> if($ENV{REQUEST_METHOD}eq'GET')
> {
> $buffer=$ENV{QUERY_STRING};
> }
> else
> {
> read(STDIN,$buffer,$ENV{CONTENT_LENGTH});
> }
> my @p = split(/&/,$buffer);
> foreach(@p)
> {
> $_=~tr/+//;
> my ($n,$v)=split(/=/,$_,2);
> $n=~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
> $v=~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
> $v=~s/(\<.*?)(embed|object|script|applet)(.*?\>)/$1$3/gis;
> if($In{$n})
> {
> $In{$n}.="\t$v";
> }
> else
> {
> $In{$n}=$v;
> }
> }
> }
>
> Now I'm going to get a bit forthright, so my apologies in advance!
>
> That being said, you should never, never try to parse CGI form data by hand. Once
>you understand
> thoroughly why you shouldn't, you might be qualified to give it a try. I have a
>standing deal
> with everyone to show me there hand-rolled form parsing code and I will find at
>least 5 bugs or
> limitations. I've never lost (now Randal or Kevin Meltzer or someone is going to
>take me up on
> that :)
>
> 1. In your code, you can't easily mix GET and POST (though you rarely want to).
> 2. You don't test if the read is successful.
> 3. Does the length of the data read from STDIN match the CONTENT_LENGTH?
> 4. Does not support the new ';' as a delimeter.
> 5. $v=~s/(\<.*?)(embed|object|script|applet)(.*?\>)/$1$3/gis; does not belong there.
> 6. $In{$n}.="\t$v". You should be using a proper data structure.
> 7. You should be using strict (not everyone does, but code like this tells me the
>programmer
> needs it).
8. The statement $_=~tr/+//; is a NOOP. It counts the plus (+) characters in $_ and
discards the result. The contents of $_ are not changed.
John
--
use Perl;
program
fulfillment
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
