Wijaya Edward wrote:
Hi,
Is there a way to determine the size of a parameter of a textarea or filefield in CGI.pm?
For example, given this form.
__BEGIN__
use CGI qw/:standard/;
# snip
textarea(
-name => 'some_name',
-rows => 10,
-columns => 50,
-wrap => 'physical'
);
#or
filefield(-name=>'upload_file', -size=>60)
__END__
We would like to know the size of:
param('some_name'); # of text area
You can't use the HTML tag's size attribute because:
a) its nbot passed in the reauest
b) even if it was it can easily be spoofed:
- say "state" has size="2" simply enter a url where
state=ajhsdbajhbcjkhasdbvkjhabdcjkhadbvjhabdfh
and its obvious that knowing it was 2 woudl be pointless and possibly
dangerous eif you were relying on it.
- same proinciple if it was passed, what woudl keep them from
spoofing it "state_size=99" obviously checking that would be pointless
at best, dangerous at worst
The best bet is to check it in your script:
if( length( param('state') ) != 2) {
die 'State must be 2 characters long!';
}
and
param('upload_file') # of file field
I've tried with:
uploadInfo($file)->{'Content-Length'};
But it doesn't print anything.
Becaus ethere is no contetn-length header for it :)
You can read the uploaded file in in chunks and either do the length
afterwards or, my fav, throw an error when it reaches a given size
(which also stops processing it so hopefully it will do its little part
to cut down on attempts to DOS your server :)
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
