LibWeb::CGI - Extra cgi supports for libweb applications


NAME

LibWeb::CGI - Extra cgi supports for libweb applications


SUPPORTED PLATFORMS

BSD, Linux, Solaris and Windows.


REQUIRE


ISA


SYNOPSIS

  use LibWeb::CGI;
  my $q = new LibWeb::CGI();
  my $parameter = $q->parameter('cgi_param_to_fetch');
  my $param = $q->param('cgi_param_to_fetch');
  print $q->header();
  $q->redirect( -url => '/cgi-bin/logout.cgi', -cookie => 'auth=0' );
  $q->send_cookie( [$cookie1, $cookie2] );
  $q->sanitize( -text => $user_input, -allow => ['_', '-'] );
  $q->fatal(
             -msg => 'Password not entered.',
             -alertMsg => '$user did not enter password!',
             -helpMsg => \('Please hit back and edit.')
           );


ABSTRACT

This class ISA the vanilla CGI.pm to provide some additional features. It is still considered to be experimental but used internally by LibWeb::Session and LibWeb::Admin.

The current version of LibWeb::CGI is available at

   http://libweb.sourceforge.net

Several LibWeb applications (LEAPs) have be written, released and are available at

   http://leaps.sourceforge.net


TYPOGRAPHICAL CONVENTIONS AND TERMINOLOGY

Variables in all-caps (e.g. MAX_LOGIN_ATTEMPT_ALLOWED) are those variables set through LibWeb's rc file. Please read the LibWeb::Core manpage for more information. `Sanitize' means escaping any illegal character possibly entered by user in a HTML form. This will make Perl's taint mode happy and more importantly make your site more secure. Definition for illegal characters is given in the LibWeb::Core manpage. All `error/help messages' mentioned can be found at the LibWeb::HTML::Error manpage and they can be customized by ISA (making a sub-class of) LibWeb::HTML::Default. Please see the LibWeb::HTML::Default manpage for details. Method's parameters in square brackets means optional.


DESCRIPTION

METHODS

new()

args: [ -post_max=>, -disable_uploads=>, -auto_escape=> ]

header()

If you provide parameter to that method, it will delegate to the vanilla CGI's header(); otherwise, it will print out ``Content-Type: text/html$CRLF$CRLF'' immediately (faster?). $CRLF will depend on the machine you are running LibWeb and LibWeb will determine it automatically.

parameter()

  my $param = $q->parameter('cgi_parameter_to_fetch');

redirect()

Params:

  -url=> [, -cookie=> ]

This will redirect the client web browser to the specified url and send it the cookie specified. An example of a cookie to pass to that method will be,

  $cookie1 = 'auth1=0; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT';
  $cookie2 = 'auth2=0; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT';
  $q->redirect(
               -url => '/logged_out.htm',
               -cookie => [ $cookie1, $cookie2 ]
              );

For -cookie, you can pass either a scalar or an ARRAY reference. This method will eventually delegate to the vanilla CGI's redirect(). Why bother doing this is because the vanilla CGI's redirect() does not guarantee to work if you pass relative url; whereas LibWeb::CGI::redirect() guarantees that partial url will still work.

send_cookie()

This delegates to LibWeb::Core::send_cookie(). See the LibWeb::Core manpage.

fatal()

This delegates to LibWeb::Core::fatal(). See the LibWeb::Core manpage.

sanitize()

This delegates to LibWeb::Core::sanitize(). See the LibWeb::Core manpage.


AUTHORS

Colin Kong (colin.kong@toronto.edu)


CREDITS

Lincoln Stein (lstein@cshl.org)


BUGS

Bug number 1

When you delegate subroutine calls within a cgi script, $q->param(_variable_) or $q->parameter(_variable_) may not give you the value of _variable_ even you have passed a value for that variable in a HTML form. I do not know why. My two workarounds,

Bug number 2

new()

args: [ -post_max=>, -disable_uploads=>, -auto_escape=> ]

The -auto_escape doesn't seems to work as expected. Hopefully it will be resolved after I get a better understanding of how auto escape works in the vanilla CGI.

Bug number 3

There is no selfloaded method in LibWeb::CGI since whenever I try to put ``use SelfLoader;'' in this module, it just doesn't work well with the vanilla CGI. This has to be figured out.

Miscellaneous OO issues with the vanilla CGI have yet to be resolved.


SEE ALSO

the CGI manpage, the LibWeb::Class manpage, the LibWeb::Core manpage, the LibWeb::HTML::Default manpage, the LibWeb::HTML::Error manpage.

 LibWeb::CGI - Extra cgi supports for libweb applications