Re: [MacPerl-WebCGI] Filters

[David Steffen <steffen@biomedcomp.com>]

At 9:04 AM -0500 12/16/00, tedd wrote:

>How does one control what a user enters in a text field when 
>gathering information via a perl cgi script?

Recall that all text entry will occur on the CLIENT, at a time when 
the host is not even connected any longer and has no control 
whatsoever over what the client does.  Given that, you have two 
choices:

1) Run your code on the client, e.g. Javascript or Java or something 
else.  The problem is, if you are running a public server, you have 
no guarantee that your code will run; the user might have Javascript 
turned off for example.  For me, there is another issue: I don't 
particularly like Javascript as a language.

2) Post-filter your data.  Have the user enter what they will but 
have the CGI that receives the submitted form filter the HTML 
variables.  The problem with that is that the user gets no feedback; 
they can't see the effects of the filtering as they enter so what 
they end up with could be something they would never intend.

>Are there standard routines for this? It seems like it would be a 
>common concern.

I bet there are some standard Javascript routines, but they might not 
be exactly what you want and in any case I don't know them :-(

-David-
David Steffen, Ph.D.
President, Biomedical Computing, Inc. <http://www.biomedcomp.com/>
Phone: (713) 610-9770 FAX: (713) 610-9769 E-mail: steffen@biomedcomp.com

==== Want to unsubscribe from this list?
==== Send mail with body "unsubscribe" to macperl-webcgi-request@macperl.org