form validation with perl

LNC · #1 (**permalink**) 12-20-2007

Hey guys, I'm just messing around with a perl webpage. The idea is to make a simple validation form that will later insert a record into my DVD database. it's all very basic at the moment, and I worked up my script from the form validation example I found on this website: http://www.elated.com/articles/form-validation-wi
th-perl-and-cgi/ . When I put this script on my webserver, it works fine.

My form just has 3 text fields and a button. The problem is, when I enter text and try to submit, the text I entered dissapears and I get the error messages, stating that the boxes are empty. For the life of me, I can't figure out what is wrong with it. Mind you, I've just started learning PERL in bits and pieces, from examples I find on the web, so if I'm missing the obvious here, please don't shoot me .

Any help or pointers is more than welcome

Anyway, here's the script:

Code:

#!/usr/bin/perl
use CGI;

# Create the CGI object
my $query = new CGI;

# Output the HTTP header
print $query->header();

# Process form if submitted; otherwise display it
if ( $query->param("submit") )
{
process_form();
}
else
{
display_form();
}

sub process_form
{
if ( validate_form() )
{
print <<END_HTML;
<html><head><title>Thank You</title></head>
<body>
Thank you - your form was submitted correctly!
</body></html>
END_HTML
}
}

sub validate_form
{
my $dvd_title = $query->param("dvd_title");
my $number_of_discs= $query->param("number_of_discs");
my $year = $query->param("year");
my $error_message = "";

$error_message .= "Please enter the DVD title<br>" if ( !$dvd_title );
$error_message .= "Please enter the number of discs<br>" if ( !$number_of_discs );
$error_message .= "Please enter the year<br>" if ( !$year );

if ( $error_message )
{
# Errors with the form - redisplay it and return failure
display_form ( $error_message, $dvd_title, $number_of_discs, $year );
return 0;
}
else
{
# Form OK - return success
return 1;
}
}

sub display_form
{
my $error_message = shift;
my $dvd_title = shift;
my $number_of_discs = shift;
my $year = shift;

# Remove any potentially malicious HTML tags
$dvd_title =~ s/<([^>]|\n)*>//g;
$number_of_discs =~ s/<([^>]|\n)*>//g;
$year =~ s/<([^>]|\n)*>//g;

print <<END_HTML;
<html>
<head><title>Add a DVD</title></head>
<body>

<form action="adddvd3.pl" method="post">
<input type="hidden" name="submit" value="submit">

<table>
<tr><td colspan="2" style="text-align:center">$error_message</t
d></tr>
<tr><td>DVD Title:</td><td><input type="text" name="dvd_title" value="$dvd_title"></td></tr>
<tr><td>Number of Discs:</td><td><input type="text" name="number_of_discs" value="$number_of_discs"></td></tr>
; <tr><td>Year:</td><td><
;input type="text" name="year" value="$year"></td></tr>
<tr><td colspan="2" style="text-align:center"><input type="submit" name="submit" value="submit"></td></tr>
</table>
</form>

</body></html>
END_HTML
}

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
validation on a parameter	Henley55	UNIX for Dummies Questions & Answers	1	04-20-2008 05:33 PM
S-231: Adobe Form Designer and Form Client Vulnerabilities	iBot	Security Advisories (RSS)	0	03-27-2008 10:10 AM
perl cgi form action target	garric	Shell Programming and Scripting	4	12-09-2007 01:07 AM
URL form ip	wojtyla	Linux	1	04-09-2005 09:39 AM
Changing Unix form to Microsoft Word form to be able to email it to someone.	Cheraunm	UNIX for Advanced & Expert Users	8	05-24-2002 04:58 AM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Switch to Linear Mode Switch to Hybrid Mode Threaded Mode	Rate This Thread:


	Powered by