
Re^4: [Perl-CGI] Print non-interpolated string

by Digioso (Sexton)
on Apr 04, 2014 at 09:45 UTC


in reply to Re^3: [Perl-CGI] Print non-interpolated string
in thread [Perl-CGI] Print non-interpolated string

Thanks, I managed to fix it.
The documentation is... let's say not really clear on how to use it.
It says: $escaped_string = escapeHTML("unescaped string");

But for manual use it's $escaped_string = $cgi->escapeHTML("unescaped string");
Unfortunately this is not mentioned in the documentation but Google found the syntax for me. This method is not imported by using 'use CGI;'. It's a method on the $cgi-Object. :)

And you're right: This method is used automatically only for forms created using CGI.pm and not on my self-written HTML-code.
Re^5: [Perl-CGI] Print non-interpolated string
by mr_mischief (Monsignor) on Apr 04, 2014 at 16:18 UTC

    CGI has two operating modes: OO and procedural. You have to import the procedural portions to get that syntax.

    Also, it's not Perl that's evaluating your code, as to Perl it's just text data until you use something like eval $text. Your browser, on the other hand, feels free to interpret HTML as HTML in an HTML document type. Look into both escaping characters (as you have done), and into additional issues like HTML entities in general and <pre></pre> tags. While you're at it, look into SQL injection and XSS.

      Thanks, my problem came up together with SQL injections basically. Not that I've been hit by that but I noticed the possibility.
      Regarding XSS I think that I'm kinda safe, since I considered that while programming, but having a deeper look won't hurt. :)
Re^5: [Perl-CGI] Print non-interpolated string
by Anonymous Monk on Apr 05, 2014 at 08:06 UTC
      OK, reading it whole explains a lot. :)
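
The two calling styles discussed in this thread, side by side, as an added example that is not code from any of the posters: it shows that hand-written HTML needs an explicit escapeHTML call while a field built by CGI.pm's form helper escapes its own value. The sample input and variable names are constructed, and it assumes CGI.pm is installed (it is no longer bundled with Perl since 5.22).

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI qw(escapeHTML);   # procedural style: the function is imported by name

# Constructed sample value standing in for form or database input.
my $input = q{<i>Tom</i> & "Jerry"};

# OO style: an empty query object, so no request data is read.
my $cgi = CGI->new('');

# Hand-written HTML: nothing escapes this for you, so a browser would
# interpret the markup characters in $input as HTML.
my $raw = "<p>Hello, $input</p>";

# The same hand-written HTML with the value escaped first.
my $safe_oo   = '<p>Hello, ' . $cgi->escapeHTML($input) . '</p>';  # method call
my $safe_proc = '<p>Hello, ' . escapeHTML($input) . '</p>';        # imported function

# A field generated by CGI.pm's form helper escapes its value itself.
my $field = $cgi->textfield(-name => 'who', -value => $input);

print "hand-written, unescaped : $raw\n";
print "hand-written, OO escape : $safe_oo\n";
print "hand-written, procedural: $safe_proc\n";
print "CGI.pm form helper      : $field\n";

# Both call styles must produce identical output.
die "OO and procedural results differ\n" unless $safe_oo eq $safe_proc;

# After escaping, no raw '<' from the input may remain between the <p> tags.
(my $inner = $safe_oo) =~ s{^<p>|</p>$}{}g;
die "unescaped markup left in output\n" if $inner =~ /</;
```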
