homepage Welcome to WebmasterWorld Guest from 54.167.238.60
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / Perl Server Side CGI Scripting
Forum Library, Charter, Moderators: coopster & jatar k & phranque

Perl Server Side CGI Scripting Forum

    
Using javascript to validate Perl generated forms
A simple example showing how to use javascript in Perl
tedkurtz




msg:4396143
 9:14 pm on Dec 9, 2011 (gmt 0)

For some time now I have been using javascript to validate HTML forms and Perl to process the data submitted from those forms. I generated the HTML forms using Dreamweaver and stored the forms as HTML files on the server.

I recently ran into a situation where I had to generate forms using CGI scripts and stored on the server as CGI scripts. I wanted to use javascript to validate those forms but ran into problems. I Googled around and found some pertinent stuff on this very forum. There were claims that this was impossible. Some presented examples of code that were claimed to do work, but I found them difficult to understand.

Here is some code which I wrote that works. It is written in a very verbose style so that I, and perhaps others like me, can understand it. I hope you pros will understand and forgive me for that. You could probably rewrite this as a couple of lines.

Here is the Perl code that generates the form and validates the submitted fields using javascript. The name field is required and the guests field gets all commas converted to ampersands so that the name and guests fields can be combined and sent into a csv database (not here).

#!/usr/bin/perl -w
use strict;
use CGI ':standard';

# Set the background color #rrggbb
print header;
my $color = "#ffffdd",;
print start_html(-title=>"Running javascript in Perl", -bgcolor=>$color);
print end_html;

my @y;# Compiler complained that this was absent

# I put the javascript in a variable as suggested in the following forum:
# http://www.webmasterworld.com/perl/3128782.htm
my $js = qq~
<script language="Javascript" type="text/javascript">
<!-- Hide script from old browsers

function hastext(val) {
return( val.length > 0 );
}

//Convert | and , characters to & for csv data
function fixillegal(val) {
while (val.search(/[|,]/) >= 0) {
val = val.replace(/[|,]/," &")
}
return(val);
}

// ################################################################
// All form validations are done here:
function submitme(BBRForm) {

// First check that all required fields are supplied with data

if( !hastext(BBRForm.name.value) ) {
alert( "Must supply a name." );
BBRForm.name.focus();
return(false);
}
BBRForm.name.value = fixillegal(BBRForm.name.value);

BBRForm.guests.value = fixillegal(BBRForm.guests.value); // Convert commas

// If we get to here the form should be OK.
return(true);
}
// ################################################################
// End hiding script from older browsers-->
</script>
~;# End of the javascript

# This is the path to the script servicing the submitted form.
my $path = "http://www.nbyc-cruise.com/cgi-bin/verify-form.cgi"; # Change this to the correct path!

# The lines after the next print statement are html code.
# The server will print (send) it to the browser which will interpret it.
# The code print << "TERMINATOR"; says print the following until you encounter TREMINATOR again.

# Note the use below in the html code of the function submitme(this), defined above in javascript.
# That function validates the fields in the html form and sets the focus to a field needing attention.
# This is something very nice, and easy to do in javascript.
print << "TERMINATOR";
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
<HTML>
<HEAD>
<TITLE>Verify Form Inputs</TITLE> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
$js
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<FORM NAME="form1" METHOD="post" ACTION=$path ONSUBMIT="return(submitme(this))">
<TABLE WIDTH="528" BORDER="1"> <TR><TD WIDTH="86">Name:</TD><TD WIDTH="426"><INPUT TYPE="text" NAME="name" MAXLENGTH="30">(Required)</TD></TR><TR><TD WIDTH="86">Guests:</TD><TD WIDTH="426"><INPUT TYPE="text" NAME="guests" MAXLENGTH="50"></TD></TR>
<TR><TD WIDTH="86">&nbsp;</TD><TD WIDTH="426"><INPUT TYPE="submit" NAME="Submit" VALUE="Submit"></TD></TR>
</TABLE></FORM>
</BODY>
</HTML>
TERMINATOR


Here is the Perl script that services the data submitted from the form. It just displays the data.


#!/usr/bin/perl -w
use strict;
use CGI ':standard';

print header;
print "<br>";

my $name = param('name');
my $guests = param('guests');
print "Name = $name<br>";
print "Guests = $guests<br>";


That's it. I hope this is helpful to someone.

 

explorador




msg:4398448
 10:49 pm on Dec 15, 2011 (gmt 0)

Welcome to WebmasterWorld.

There is a problem (potential problem) you are validating your input using only JS, that means at browser level. That's fine but anybody would be able of sending data to your form directly, that's why it's suggested to validate data on the browser side and on the server side as well.

tedkurtz




msg:4398621
 1:21 pm on Dec 16, 2011 (gmt 0)

Hello explorador. Thank you for your response.

I believe the issue you refer to occurs regardless of whether the form is generated by direct HTML code or by a CGI script generating the HTML code for the form. Am I right?

I have, in the past, used forms generated directly by HTML code, and validated the submitted data by using Javascript before sending the data to the server. I recently found myself needing to generate a form using CGI script, and wanted to validate the submitted data before sending it to the server. Some said that that was impossible, but they were clearly wrong.

mark_roach




msg:4398638
 1:54 pm on Dec 16, 2011 (gmt 0)

You might want to have a look at CGI-FormBuilder [search.cpan.org].

You can provide validation rules and it will generate the javascript for validation at the client and also do the server side validation. It works well with Template Toolkit if you want to seperate the logic from the presentation.

The module looks like it is actively being maintained again after a few years of inactivity.

explorador




msg:4405943
 6:31 pm on Jan 11, 2012 (gmt 0)

I recently found myself needing to generate a form using CGI script, and wanted to validate the submitted data before sending it to the server. Some said that that was impossible, but they were clearly wrong.

Yes you can generate a form via html or perl->html. But then another script (or the same one) will receive the submitted data. The best approach is to validate the data before sending it to the script and ALSO on the server side before doing any work with it (check for malicious input)

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Perl Server Side CGI Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved