Re: [MacPerl-WebCGI] Filters

[robinmcf@altern.org]

>At 9:04 AM -0500 12/16/00, tedd wrote:
>
>>How does one control what a user enters in a text field when
>>gathering information via a perl cgi script?


David Steffen <steffen@biomedcomp.com> wrote:
>... you have two choices:
>
>1)  Javascript
>2) Post-filter your data

I get the feeling it might be worthwhile expanding on why you have these 2
choices:

Basically what you're dealing with is a thing called server overhead, which
directly relates to the delay the client will perceive - basically if you
use your cgi to filter the data the client has to wait while the CGI
process the data and the output is sent back, whereas with javascript you
use the client's computer to process the data so there appears to be almost
no delay.

That's the 'why' however JS is a major headache to code- Internet Explorer
and Netscape have their own implementations, which means you have to write
two versions of everything checking all the while the kind of browser the
client has to make sure your script will work, and even then you'll
probably have to code a cgi version anyway just to cover clients which
aren't JS enabled.

As to the existence of ready written code, maybe the poster should explain
what input he wants to filter -
is it to check for  nasty stuff like "query?key=value\n\nperl -e unlink *.*;"
is it to check if data is valid (ie emails, right data type whatever)

HTH

Robin

==== Want to unsubscribe from this list?
==== Send mail with body "unsubscribe" to macperl-webcgi-request@macperl.org