Tim Hogard's Quick and Dirty Perl CGI

Tim Hogard's Quick and Dirty Perl CGI

I write a quite a few simple web cgi programs and I tend to write them in Perl. The common way that most books and web examples make use of a few typical Perl modules but they are overkill for most projects and if you need speed, you don't have time to load the modules.

This is my basic perl cgi:

#!/usr/bin/perl -w
# tims cgi ver 3.50
$|=1; # set to unbuffered output
#look at what the user set to us in the URL
#POST data over writes what came in on the URL
read(STDIN, $query, $ENV{'CONTENT_LENGTH'}) if ($ENV{'CONTENT_LENGTH'} > 0);

foreach (sort(@q)) {
        ($name, $value) = split(/=/, $_);

        $name  =~ tr/+/ /;      # a space used to be encoded as a plus
        $value =~ tr/+/ /;
        # get rid of the hex we were sent
        $name  =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/gie;
        $value =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/gie;	
        $cgi_{$name}=$value;	# $cgi_ has xss unfriendly values
	# the following are to to stop cross site scripting but
	# they make it hard to check for & < > ( or ) in values
	$value =~ s/&/&amp;/gi;
	$value =~ s/>/&gt;/gi;
	$value =~ s/</&lt;/gi;
        $value =~ s/\(/&#40;/gi;
        $value =~ s/\)/&#41;/gi;
        #print "$name = $value \n";

#if cookies are going to be used
        #HTTP_COOKIE=var=val; var2=val2
        foreach(@x) {
		#print "$name = $value<br>\n";

#if path info is used 

print "Content-type: text/html\n\n";

foreach(sort(keys(%cgi))) {
	print "$_=$cgi{$_}<br>\n";
foreach(sort(keys(%cookie))) {
	print "$_=$cookie{$_}<br>\n";

All single letter variables can be optimized out but I tend to useit this way as its easier for others to understand.

The PATH_INFO allows you to put info in the url handed to the cgi such as

Version 3.47 Sep 16 2006 was to reduce cross site scripting issues.

Back to Tim's Homepage Back to current subject Related Links thogard@abnormal.com
 This page was last updated Tuesday, 28-Jun-2011 06:57:11 UTC Copyright 2000-2016 thogard™ is a trademark of Tim Hogard