Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Re: CGI and Database

by monarch (Priest)
on Feb 09, 2009 at 04:19 UTC ( #742349=note: print w/replies, xml ) Need Help??

in reply to CGI and Database

According to RFC 2616: "In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered "safe". This allows user agents to represent other methods, such as POST, PUT and DELETE, in a special way, so that the user is made aware of the fact that a possibly unsafe action is being requested."

It may not seem important to you now, but you should consider ways of making your delete operations POST operations instead of GET operations - because a delete operation affects the underlying state of the system.

One way is to output HTML that starts a form:

<form action="" method="post"> <p>Delete <!-- TMPL_VAR NAME=record_name --> <input type="checkbox" name="delete_record" value="<!-- TMPL_VAR NAME=record_name -->" /> </p> <p><input type="submit" name="submit" value="submit" /></p> </form>

This example used HTML::Template as the templating technique (but there are many different ways to output the HTML).

Update: changed reference paragraph from RFC 2616.

Replies are listed 'Best First'.
Re^2: CGI and Database
by dsheroh (Prior) on Feb 09, 2009 at 12:43 UTC
    It may not seem important to you now...

    ...but it will as soon as google (or whatever other bot) finds the site, spiders all the links, and deletes your entire database.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://742349]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (3)
As of 2018-05-23 02:26 GMT
Find Nodes?
    Voting Booth?