Re: [MacPerl-WebCGI] Quoting body from a WWWboard posting

[Bruce Van Allen <bva@cruzio.com>]

At 9:59 AM -0600 7/22/99, Linda Hardesty wrote:

>This is the code I thought I had identified as containing the 
>problem, but one of my kind responders said I might need to post 
>more code.
>
>if ($quote_text == 1) {
>      @chunks_of_body = split(/\&lt\;p\&gt\;/,$hidden_body);
>      foreach $chunk_of_body (@chunks_of_body) {
>         @lines_of_body = split(/\&lt\;br\&gt\;/,$chunk_of_body);
>         foreach $line_of_body (@lines_of_body) {
>            print NEWFILE ": $line_of_body\n";
>         }
>         print NEWFILE "\n";
>      }
>   }
>
>The split function never seems to find any &lt etc., or insert any 
>colons, except at the beginning of the text.
>
>$hidden_body is set to $body when the posting is to contain a quote. 
>$body comes from what someone has typed into a TEXTAREA on the 
>previous posting. Here is the beginning of the program, as modified 
>by me:

[snipped code from start of WWWBoard CGI]

1. Too many of us too many times find errors, security problems, or 
poor handling of special cases in MW's scripts. I would guess many 
have also learned some Perl the hard way by trying to fix these 
scripts... ;-)

2. In what I've quoted above from your message, there is one glaring 
question: Is your intent to split on the string '<p>' or the 
string '<p>'  ?? In HTML it's necessary to escape '<' & '>' so the 
browser doesn't interpret them as part of HTML markup. But *not so* 
in Perl. in Perl, your statements from above would be:

	 @chunks_of_body = split(/<p>/,$hidden_body);
		...
	@lines_of_body = split(/<br>/,$chunk_of_body);

if you are trying to split on the P or BR HTML elements.

So my guess is that neither split() is actually splitting the 
variables $hidden_body and $chunk_of_body, which means the entire 
value of $hidden_body is surviving into the first instance of 
$line_of_body, which is then printed to NEWFILE with ': ' pre-pended 
to it. After that first go-through, there's nothing left to process, 
giving the result you describe above.

3. If you're trying to split on '&lt;p&gt;' then the problem is from 
elsewhere. The code you include from beginning of the CGI isn't 
helpful here because it's just the invocation of several subroutines, 
one or more of whose code might be where the problem arises.

4. As an alternative to a rough learning experience, there are two 
reliable Perl CGI-handling programs/modules that many coders use for 
handling the basics of CGI. They are the older cgi-lib.pl by Steve 
Brenner, <http://cgi-lib.stanford.edu/cgi-lib>, and the newer and 
more comprehensive CGI.pm, by Lincoln Stein, which now comes as part 
of the Perl installation. Still have to learn with these, but you'll 
get more support and can assume much more reliable and secure base 
code for your scripts. Of course, you'll have to build a web board on 
your own, making use of what these provide you plus some 
file-handling. CGI.pm is documented in a book known as "Official 
Guide to CGI.pm" by Lincoln Stein; Steve Brenner's book might still 
be available, too. There's also online documentation and examples for 
both.

As a way to get started, install the little script below in your 
server. Point your web browser at it. If you get some results like:

Variables Check

Perl Version = 5.00502.

SERVER_SOFTWARE = Apache/1.3.3 (Unix)

GATEWAY_INTERFACE = CGI/1.1

DOCUMENT_ROOT = /cruzio/web/pages

REMOTE_ADDR = 165.227.130.18

SERVER_PROTOCOL = HTTP/1.0

  etc. [many more lines of environment variables]

then CGI.pm is installed, and you're in business.

Note that you might have to fiddle with the path to Perl, and this 
script assumes that Perl 5 is installed. If it's not, a) complain to 
your server admin, and/or fall back to installing cgi-lib.pl (Perl 4 
version), and go from there (but not using this little script).

*******Utility script follows this line:

#!/usr/local/bin/perl5

##################################################
# Title:   var-test.cgi
# Author:  Bruce Van Allen, bva@cruzio.com
# Purpose: to check settings and variables
#          in preparation for installation of
#          CGI script and related files.
####
# Usage:   a) Install in web server (any directory).
#          b) If downloaded as var-test.cgi.txt,
#             remove the ".txt" from the name.
#          c) Set permissions to 0755.
#          d) Call with web browser.
#          e) Report output.
##################################################


use CGI qw/:all/;

$q = CGI::new();

print $q->header(-type=>'text/html');

print $q->start_html();

print $q->h1('Variables Check');

print $q->p("Perl Version = $]\.");

foreach $key (keys %ENV) {
	print p("$key = $ENV{$key}");
	}

print $q->end_html();

exit(0);

*******End of utility script.


Hope that helps.

1;
- Bruce

# ~~~~~~~~~~~~~~~~~~~
# Bruce Van Allen
# bva@cruzio.com
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Director
# WireService, an Internet service bureau
# Serving the educational and nonprofit sectors
# wire@wireservice.org
# http://wireservice.org
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

==== Want to unsubscribe from this list?
==== Send mail with body "unsubscribe" to macperl-webcgi-request@macperl.org