Not just security. Lots of other reasons too
Go to google.com and search for
CGI.pm vs cgi-lib.pl
>
> thanks!
>
> what type of security does the CGI module include that
> cgi-lib doesn't have?
>
> >>> "Dan Muey" <[EMAIL PROTECTED]> 02/11/03 06:30 AM >>>
> Because you call log_data() everyt time the script is run
> regardless of input So it will write do log_data when you
> first bring up the form because $in{'Submit'} will always not
> equal 'Submit' Until the user does soemthing to make it equal 'Submit'
>
> 1)
> You should check input always!!!!
> 2) always do :
> #!/perl -w
>
> Use strict;
> 3)
> Don't use cgi-lib.pl use CGI perl module for security, and
> othere issues.
>
> 4) to avoid runnning it do sonething like this :
>
> if(something) { log_data(); }
> else { main_page(); }
>
>
> > Hi all,
> >
> > I have a cgi with a here doc,
> > which takes the input fields (name, address, city, zip, etc.)
> > and writes to a file.
> >
> > it work fine, BUT when you press "Reload" on the browser it
> > keeps writing blank data to the output file.
> >
> > Does anyone know how I can prevent this?
> >
> >
> > thanks for any help,
> > Pam
> >
> >
> >
> > Here's a snippet -------------------------
> >
> > #!/usr/local/bin/perl
> >
> > # Use Steve Brenner's CGI libraries:
> > require("cgi-lib.pl");
> >
> > # Print the all-important HTML headers:
> > print PrintHeader();
> >
> > # Read any passed-in input, and put it into a hash named
> > "in": ReadParse();
> >
> >
> > clean_up();
> > log_data();
> >
> > if (($in{'Submit'} ne "Submit")) {
> >
> >
> >
> > #display html page
> > print <<EOF;
> >
> > <HTML>
> > <HEAD>
> > form to fill out
> >
> > </HTML>
> > EOF;
> >
> > #subroutine to clean up data
> > sub clean_up{
> > #get rid of comma anywhere in users input
> > $in{'Q1'} =~ s/,//g;
> > $in{'Q2'} =~ s/,//g;
> > $in{'Q3'} =~ s/,//g;
> > $in{'Q4'} =~ s/,//g;
> > $in{'Q4'} = s/Street/ST/g;
> > $in{'Q7'} =~ s/California/CA/g;
> > }
> >
> >
> > sub log_data {
> > $lock_ex = 2;
> > $lock_un = 8;
> > open(OUT, ">>test.txt");
> >
> > #lock file
> > flock (OUT, "$lock_ex");
> > print OUT $date;
> > print OUT "\,";
> > print OUT uc($in{'Q1'});
> > print OUT ",";
> > print OUT uc($in{'Q2'});
> > print OUT ",";
> > print OUT uc($in{'Q3'});
> > print OUT ",";
> > print OUT uc($in{'Q4'});
> > print OUT ",";
> > print OUT uc($in{'Q5'});
> > print OUT ",";
> > print OUT uc($in{'Q6'});
> > print OUT ",";
> > print OUT uc($in{'Q7'});
> > print OUT ",";
> > print OUT $in{'Q8'};
> > print OUT ",";
> > print OUT $in{'Q9'};
> > print OUT "\n";
> > close(OUT);
> > #unlock the file
> > flock(OUT, "$lock_un");
> > }
> >
> >
> > sample output file:
> > 02/10/03,DOE,JANE,AUTHOR,123 MAIN
> ST,,BERKELEY,CA,94123,[EMAIL PROTECTED]
> > 02/10/03,,,,,,,,,
> > 02/10/03,,,,,,,,,
> >
> >
> > --
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
>
> --
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
