| Standard input |
| The data that is passed to the server is made available to
the script in different ways depending on the method of
transmission (POST or GET). |
| Method |
| The value of the method attribute from the
form tag is held in REQUEST_METHOD. |
| POST |
| Post tends to be the preferred method of transmission
since it has no restriction on the amount of data that can be
sent. Data is sent via standard input, the amount of
data dictated by CONTENT_LENGTH. |
The code to retrieve this data is:
if ($ENV{'REQUEST_METHOD'} eq
'POST')
{
read(STDIN,
$post_buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/,
$post_buffer);
} |
| GET |
| Data appended to a link (eg.
href="cgi/proc?A=1&B=2") is always sent via GET.
The data is held in QUERY_STRING. |
The code to retrieve this data is:
if ($ENV{'REQUEST_METHOD'} eq
'GET')
{
@pairs = split(/&/,
$ENV{'QUERY_STRING'});
} |
| Pre-format |
Data passed via CGI is formatted to ensure
consistency of transmission. This involves replacing spaces
with '+' and non-printable characters (eg. tabs) with their
ASCII equivalent. This formatting needs to be undone,
as follows:
foreach $pair
(@pairs)
{
($name, $value) =
split(/=/, $pair);
$value =~ tr/+/ /; # Replace '+' with space.
$value =~
s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; #
Replace %hh with character
$value =~
s/<!--(.|\n)*-->//g;
if ($allow_html !=
1) # Flag to indicate whether HTML tags are
allowed.
{
$value =~
s/<([^>]|\n)*>//g;
}
$FormParms{$name} =
$value; # Add this name/value pair to a
hash for later use.
} |
| Cookies |
The content of cookies is available through the 'HTTP_COOKIE'
value within %ENV:
@cookies =
split(/;/,$ENV{'HTTP_COOKIES'});
foreach $cookie (@cookies)
{
($cookie_key,$cookie_value) = split(/=/,$cookie);
$cookie_crumbs{$cookie_key} = $cookie_value;
} |
