Re: help with progress bar

2004-01-16 Thread gerry 
> On Fri, 16 Jan 2004 09:32:30 -0500, [EMAIL PROTECTED] (Zentara)
> wrote:
>
>>Yeah, when they open the second window, they can do some tricks.
>>I'm going to look closely at that today.I'm gonna figure something
>>out. :-)
>
> Well I got it workingI can see why you had problems.
>
> 1. Did you get the perl package...or the php package? I know you
>mentioned php in your previous post.
>
> 2. It took some hacking to get it to work. He was deleting the
> files after uploading them, and din't mention that in the docs.
> Probably to not waste space on his server.  Also the javascript
> didn't setup properly, and I had to manually add it to the script.
>
> 3. He didn't setup any method to save the files. I had to hack that.
>
> So after I test it a bit more, I'll put up a demo on my site, and show
> you what I did.
>
> The way he did it, was to setup a session-id, so when you submitted the
> file, it was saved to the session-id.  Then he used javascript to start
> a second cgi, and passed the session-id to it. The second cgi would
> write to the new javascript window, and display filehandle size of the
> session-id upload.
>
Yeah...I got all of what he was doing but didn't see that he wasn't saving
any file to the server. I look forward to seeing what you come up with
then I'll pick your brain some more.
Thanks,
Gerry

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: msql + cgi form parse error

2004-01-16 Thread Chris Cosner 
This is a follow-up that I have been meaning to post for a month or so.

The situation was a misbehaving form on a system I am maintaining. Further 
investigation of the code for the form revealed other problems, such as 
improper use of eval. The problem boiled down to -- rewrite or do spot fixes.
Wiggins gave some great advice, and I ended up rewriting at least 50% of 
the code for the form.

This was a particularly devilish problem because it turns out there were 
several things wrong.
1. The form was not properly limiting the length of the data it accepted in 
some fields.
2. Some fields in the database were not of the proper type/length to accept 
reasonable data (!?)
3. The perl code did very little to validate user inputs and correct 
problems with the data (!?)
4. The user interface looked like crud (not as big a deal, but important) 
and did not provide a verbose confirmation to users.

I would have worked through this faster if I had not assumed that since the 
form had worked 'well enough' for a couple years it must only have a minor 
problem or two. The fix involved use of the quotemeta function (very 
handy!), fixing the sql field definitions, and several regex 
transformations to get rid of some common user errors (such as pasting in 
text that contained tabs)and a fair amount of time to improve the 
interface. Now it's very stable, and visibly better. I didn't go the route 
of binding variables (as Wiggins suggested), but might later. Another 
validation layer to consider is javascript to check data before submit.

I guess my advice then is to not avoid reevaluating an entire system just 
because it's currently 'good enough' and you hope it's a quick fix. And 
thanks again.

-Chris

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]