FAQ 9.16: How do I decode a CGI form?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
This message is one of several periodic postings to comp.lang.perl.misc
intended to make it easier for perl programmers to find answers to
common questions. The core of this message represents an excerpt
from the documentation provided with Perl.


9.16: How do I decode a CGI form?

    You use a standard module, probably CGI.pm. Under no circumstances
    should you attempt to do so by hand!

    You'll see a lot of CGI programs that blindly read from STDIN the number
    of bytes equal to CONTENT_LENGTH for POSTs, or grab QUERY_STRING for
    decoding GETs. These programs are very poorly written. They only work
    sometimes. They typically forget to check the return value of the read()
    system call, which is a cardinal sin. They don't handle HEAD requests.
    They don't handle multipart forms used for file uploads. They don't deal
    with GET/POST combinations where query fields are in more than one
    place. They don't deal with keywords in the query string.

    In short, they're bad hacks. Resist them at all costs. Please do not be
    tempted to reinvent the wheel. Instead, use the CGI.pm or CGI_Lite.pm
    (available from CPAN), or if you're trapped in the module-free land of
    perl1 .. perl4, you might look into cgi-lib.pl (available from
    http://cgi-lib.stanford.edu/cgi-lib/ ).

    Make sure you know whether to use a GET or a POST in your form. GETs
    should only be used for something that doesn't update the server.
    Otherwise you can get mangled databases and repeated feedback mail
    messages. The fancy word for this is ``idempotency''. This simply means
    that there should be no difference between making a GET request for a
    particular URL once or multiple times. This is because the HTTP protocol
    definition says that a GET request may be cached by the browser, or
    server, or an intervening proxy. POST requests cannot be cached, because
    each request is independent and matters. Typically, POST requests change
    or depend on state on the server (query or update a database, send mail,
    or purchase a computer).


Documents such as this have been called "Answers to Frequently
Asked Questions" or FAQ for short.  They represent an important
part of the Usenet tradition.  They serve to reduce the volume of
redundant traffic on a news group by providing quality answers to
questions that keep coming up.

If you are some how irritated by seeing these postings you are free
to ignore them or add the sender to your killfile.  If you find
errors or other problems with these postings please send corrections
or comments to the posting email address or to the maintainers as
directed in the perlfaq manual page.

Note that the FAQ text posted by this server may have been modified
from that distributed in the stable Perl release.  It may have been
edited to reflect the additions, changes and corrections provided
by respondents, reviewers, and critics to previous postings of
these FAQ. Complete text of these FAQ are available on request.

The perlfaq manual page contains the following copyright notice.


    Copyright (c) 1997-2002 Tom Christiansen and Nathan
    Torkington, and other contributors as noted. All rights

This posting is provided in the hope that it will be useful but
does not represent a commitment or contract of any kind on the part
of the contributers, authors or their agents.

Re: FAQ 9.16: How do I decode a CGI form?

PerlFAQ Server wrote:

> 9.16: How do I decode a CGI form?

>     You use a standard module, probably CGI.pm. Under no circumstances
>     should you attempt to do so by hand!
>     You'll see a lot of CGI programs that blindly....

(snipped obvious personal prejudice idiocy)

>     In short, they're bad hacks.

>   ...you might look into cgi-lib.pl

Stever Brenner's cgi-lib is precisely what this
Perl FAQ berates and forbids you to use.

My personal opinion is this specific FAQ is
written by a true-to-life blithering idiot,
possibly the same idiot who wrote the Perl
FAQ on parsing for numbers.

This type of such obvious idiocy is and has been,
for years, an absolute embarrassment to the Perl
Community. Perl FAQ maintainers should be very
ashamed of themselves.

Purl Gurl

Site Timeline