Re: RE: browser reload

Tue, 11 Feb 2003 09:50:57 -0800 

thanks!

what type of security does the CGI module include that cgi-lib doesn't have?

>>> "Dan Muey" <[EMAIL PROTECTED]> 02/11/03 06:30 AM >>>
Because you call log_data() everyt time the script is run regardless of input
So it will write do log_data when you first bring up the form because $in{'Submit'} 
will always not equal 'Submit' Until the user does soemthing to make it equal 'Submit'

1)
You should check input always!!!!
2) always do :
#!/perl -w

Use strict;
3)
Don't use cgi-lib.pl use CGI perl module for security, and othere issues.

4) to avoid runnning it do sonething like this :

if(something) { log_data(); }
else { main_page(); }


> Hi all,
> 
> I have a cgi with a here doc, 
> which takes the input fields (name, address, city, zip, etc.) 
> and writes to a file.
> 
> it work fine, BUT when you press "Reload" on the browser it 
> keeps writing blank data to the output file.
> 
> Does anyone know how I can prevent this?
> 
> 
> thanks for any help,
> Pam
> 
> 
> 
> Here's a snippet -------------------------
> 
> #!/usr/local/bin/perl
>  
> # Use Steve Brenner's CGI libraries:
> require("cgi-lib.pl");
> 
> # Print the all-important HTML headers:
> print PrintHeader();
> 
> # Read any passed-in input, and put it into a hash named 
> "in": ReadParse();
> 
> 
> clean_up();
> log_data();
> 
> if (($in{'Submit'} ne  "Submit")) {
> 
> 
> 
>  #display html page
>  print <<EOF;
> 
> <HTML>
> <HEAD>
> form to fill out
> 
> </HTML>
> EOF;
> 
>  #subroutine to clean up data
> sub clean_up{
> #get rid of comma anywhere in users input
>       $in{'Q1'} =~ s/,//g;
>       $in{'Q2'} =~ s/,//g;
>       $in{'Q3'} =~ s/,//g;
>       $in{'Q4'} =~ s/,//g;
>       $in{'Q4'} = s/Street/ST/g;
>       $in{'Q7'} =~ s/California/CA/g;
> } 
> 
> 
> sub log_data {
>       $lock_ex = 2;
>       $lock_un = 8;
>       open(OUT, ">>test.txt");
> 
>       #lock file
>       flock (OUT, "$lock_ex");
>       print OUT $date;
>       print OUT "\,";
>       print OUT uc($in{'Q1'});
>       print OUT ",";
>       print OUT uc($in{'Q2'});
>       print OUT ",";
>       print OUT uc($in{'Q3'});
>       print OUT ",";
>       print OUT uc($in{'Q4'});
>       print OUT ",";
>       print OUT uc($in{'Q5'});
>       print OUT ",";
>       print OUT uc($in{'Q6'});
>       print OUT ",";
>       print OUT uc($in{'Q7'});
>       print OUT ",";
>       print OUT $in{'Q8'};
>       print OUT ",";
>       print OUT $in{'Q9'};
>       print OUT "\n";
>       close(OUT);
>       #unlock the file
>       flock(OUT, "$lock_un");
> }  
>  
> 
> sample output file:
> 02/10/03,DOE,JANE,AUTHOR,123 MAIN ST,,BERKELEY,CA,94123,[EMAIL PROTECTED]
> 02/10/03,,,,,,,,,
> 02/10/03,,,,,,,,,
> 
> 
> -- 
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 



--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to