Training, Open Source computer languages
PerlPHPPythonMySQLApache / TomcatTclRubyJavaC and C++LinuxCSS 
Search for:
Home Accessibility Courses Diary The Mouth Forum Resources Site Map About Us Contact
 
For 2023 (and 2024 ...) - we are now fully retired from IT training.
We have made many, many friends over 25 years of teaching about Python, Tcl, Perl, PHP, Lua, Java, C and C++ - and MySQL, Linux and Solaris/SunOS too. Our training notes are now very much out of date, but due to upward compatability most of our examples remain operational and even relevant ad you are welcome to make us if them "as seen" and at your own risk.

Lisa and I (Graham) now live in what was our training centre in Melksham - happy to meet with former delegates here - but do check ahead before coming round. We are far from inactive - rather, enjoying the times that we are retired but still healthy enough in mind and body to be active!

I am also active in many other area and still look after a lot of web sites - you can find an index ((here))
passing a variable from PERL into an HTML form

Posted by forrestcook (forrestcook), 4 October 2006
Here's my deal:

I've got a guestbook program up and running (mostly) that requires for part of it's operation that a text field that was initially entered into an HTML form be passed through my CGI script and back into a hidden text field generated by the same CGI script. It's working fine until someone uses a double quote in the first text box and then it acts up. I could solve it by filtering out the double quotes (tr/"/'/ but then I'd be changing what they wrote, and with nested quotes in some paragraphs that would be unfavorable.

here's what I have as far as code snippets so far:
Quote:
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
     ($name, $value) = split(/=/, $pair);
     $value =~ tr/+/ /;
     $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
     $value =~ s/<!--(.|\n)*-->//g;
     $value =~ s/<([^>]|\n)*>//g;
     #$value =~ tr/"/'/;
     $INPUT{$name} = $value;
}


That's my header complete with commented out quote filter.

Quote:
<input type="hidden" name="message" value="$INPUT{'message'} "><br />\n


and that is where it prints into the hidden text field... any ideas? Need more info? I'll b checking back frequently...

Forrest Cook

Posted by admin (Graham Ellis), 5 October 2006
Try:

$input{message} =~ s/"/&quot;/g;

It looks like your problem is a double quote within the double quoted string in the HTML. Replace the double quotes with the &quot; code and it should be fine.

Posted by forrestcook (forrestcook), 5 October 2006
wow.... I was trying to solve it in a much more complicated way. Thanks for the obvious answer that I would never have thought of!




This page is a thread posted to the opentalk forum at www.opentalk.org.uk and archived here for reference. To jump to the archive index please follow this link.

You can Add a comment or ranking to this page

© WELL HOUSE CONSULTANTS LTD., 2024: Well House Manor • 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 01144 1225 708225 • FAX: 01144 1225 793803 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho