I'm assuming you already know Perl, otherwise I would certainly learn it before attempting to use it on a server.

Anyway, patronising over...

If your form uses method='GET' then parameters will be stored in

$ENV{QUERY_STRING}

, in the format

firstname=John&lastname=Doe&display=Doe%2C+John

(same as you see in URL's).

If your form uses method='POST' then input will be stored in a string in the same format, but fed into STDIN instead. The length is

$ENV{CONTENT_LENGTH}

bytes, so

read( STDIN, $postData, $ENV{CONTENT_LENGTH})

.

You'll need to unescape the output, and also change '+' into ' '.

I recommend you use the CGI module for parsing all form data (GET, POST, etc) if using perl. Trying to do it manually will just open you up to security issues.

Please advise perl_diver? I always thought it was my choice what I did with the form input.

The CGI module is the standard for processing form data with perl, has been for many years now. But it is your choice, you can write your own code to process form data if you want to or need to for some reason.

i would second p_d's recommendation here.
you have nothing to lose by using CGI.pm and little to gain by doing it yourself.

Due to the number of hits on my server, I try to keep code size to a minimum. I'd rather have a couple of lines of my own code, than a whole module of somebody elses. I realise it's a lot more function than just the form processing. Plus, I know it's reinventing the wheel but you don't learn by using other people's code, I often try to write my own version of some things if I feel I can learn from it.

I have used it on occasion as I can't work out how to process multipart forms for file uploads.

As you said, personal preference, but either way works.

You may find this discussion informative too:

[perlmonks.org...]

the CGI module only loads the functions you need, there is no need to load up the entire module. If you only want to use it for form processing (which is all I use it for in general) just load up the cgi functions/methods.

use CGI qw/:cgi/;

Thanks for that link, I didn't know about the null byte thing, but I have no intention of letting end users near anything even remotely systemy, let alone my shell.

I couldn't get the article about file uploads unfortunately, it 404ed.

Thanks again for the info.

Back to the point though, Plum please let us know how you get on.

>> Plus, I know it's reinventing the wheel but you don't learn by using other people's code,

You are right, but if you look at the source code of the CGI module (or other modules) I'll bet you can learn a thing or two and incorporate that into your own code. Like how to parse multi-valued form fields:

'SplitParam' => <<'END_OF_FUNC', 
sub SplitParam { 
 my ($param) = @_; 
 my (@params) = split ("\0", $param); 
 return (wantarray? @params : $params[0]); 
} 
END_OF_FUNC  

Thank you for the info from all you people. I was able to complete my project w/out having to use server-side scripting. It did motivate me to expand my knowledge so i will be learning a scripting language.

again thanks everyone