PerlMonks  

A call for help from fellow Monks!

by Ovid (Cardinal)
on Aug 07, 2000 at 23:42 UTC ( [id://26635]=monkdiscuss )

An earlier post of mine, Online CGI Resources, generated a bit of interest but, unfortunately, did not answer my question of whether or not there was a good online tutorial for CGI with Perl. I've finally come to the conclusion that if I want such a course I'll need to write it myself. Not only do I think the course would make an interesting project for me, but it will teach me a lot about Perl and be a great addition to a résumé.

Needless to say, I won't be able to crank something like this out overnight. I want to take the time to set this up correctly and get insight from fellow Monks on how to approach this. Here are some of my ideas in no particular order:

Being an editor instead of an author.

I realize that other monks may desire to contribute to something like this (that's a hint, folks). Perhaps other monks would volunteer to write or peer review the work. I'd be doing more project management than writing, but I like this idea because I feel that a good CGI/Perl course is more important than my personally getting credit for writing it.

Addressing security first.

I'm sick and tired of leafing through CGI books and seeing security being treated as a footnote. It needs to be dealt with thoroughly. Since the assumption is that most students going through the tutorial are going to be new to CGI, they will probably be new to security issues also.

Part of the problem here is that even works that cover security issues tend not to show what they are protecting against. Though I am loath to hand newbies a bunch of exploits, if they are really determined to learn them, they're going to learn them. Might as well show them up front what some of the dangers are so they have more than just a "don't forget to taint check" admonishment. If the student isn't shown the dangers of SSI or pipes in input fields, how do they know to guard against them?

Host the tutorial on Perlmonks.

While I certainly don't know how vroom would feel about that, such a tutorial would address a whole slew of questions that many newbies ask. Wouldn't it be nice to say to some Anonymous Monk "Go see chapter 6 of the Perlmonks' CGI course"?

The tutorial would not be aimed at complete novices.

The tutorial should assume some basic knowledge of both Perl and HTML on the part of the student. While the student may not necessarily understand what a hash slice is, the student should at least know what a hash is. If the tutorial is also teaching Perl, it's going to be five times as long.

The tutorial uses -w, strict, and CGI.pm.

These are my biggest complaints (after security) regarding online CGI courses. Do I even need to explain them?

Exercises and sample answers at the end of every chapter.

One of the things I liked about the Camel book is the exercises at the end of every chapter. I have always preferred books that offer this as it allows me good, bite-sized problems that allow me to test my new-found knowledge without being so difficult or large as to intimidate me.

Suggestions and offers of assistance welcome!

little_mistress suggested the following to me: after showing the basics, have a chapter entitled "Don't run these scripts." This chapter would demonstrate many of the common problems with CGI on the Web and how to exploit those problems. A later chapter would be the aforementioned scripts cleaned up. Another approach would be every chapter having a bad script and a good script demonstrating some of the code shown in that chapter.

That was a great suggestion and I would love to have more. The Perl community could really use something like this but I'd need a fair amount of help and advice. Let me know what you think!

Cheers,
Ovid
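
An added example, not part of Ovid's post or of any PerlMonks tutorial: a sketch of the "good script" half of the bad-script/good-script pairing discussed above, using -w, taint mode, strict and CGI.pm to guard a file-serving script against a pipe in an input field. The `page` parameter, the `clean_page_name` helper and the `/var/www/pages` directory are assumptions made for illustration.

```perl
#!/usr/bin/perl -wT
# Added example (not from the thread). The "page" parameter and the
# /var/www/pages directory are hypothetical.
use strict;
use CGI;

my $PAGE_DIR = '/var/www/pages';    # assumed document directory

# Untaint by matching against an allow-list pattern and keeping only the
# capture. Returns the cleaned name, or undef if the input is rejected.
sub clean_page_name {
    my ($raw) = @_;
    return undef unless defined $raw;
    # Letters, digits, underscore and hyphen only: no "|", "/", "." or NUL.
    return $raw =~ /\A([A-Za-z0-9_-]{1,64})\z/ ? $1 : undef;
}

my $q    = CGI->new;
my $page = clean_page_name(scalar $q->param('page'));

unless (defined $page) {
    print $q->header(-status => '400 Bad Request', -type => 'text/plain'),
          "Invalid page name.\n";
    exit;
}

# The "don't run this" form would be:
#     open(FH, $q->param('page'))
# Two-argument open takes its mode from the string itself, so a value that
# begins or ends with "|" is treated as a command rather than a file name.
# Three-argument open with an explicit '<' only ever reads a file.
my $path = "$PAGE_DIR/$page.txt";
if (open(my $fh, '<', $path)) {
    print $q->header(-type => 'text/plain');
    print while <$fh>;
    close $fh;
} else {
    print $q->header(-status => '404 Not Found', -type => 'text/plain'),
          "No such page.\n";
}
```

Under -T, Perl refuses to pass the raw parameter to a piped open or a shell command at all; the regex capture is what marks the value as checked, so the pattern has to be as narrow as the application allows.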

Replies are listed 'Best First'.
RE: A call for help from fellow Monks!
by royalanjr (Chaplain) on Aug 07, 2000 at 23:59 UTC
    Sounds like a great idea Ovid! I agree that security should be discussed in depth, but I do not think it would be near the "front" of the tutorial. To understand the implications of security, it would seem you need a good grasp of CGI as a whole. *shrugs* Perhaps I am wrong in the placement, but certainly put security in there!

    Roy Alan

      You have an excellent point about needing to understand CGI to understand security, but that's only part of the problem. A common exploit is using someone's dangerous script to mail the cracker a copy of the /etc/passwd file (and why weren't they using shadow passwords in the first place? But that's another issue). That's an OS and programming issue and not necessarily a CGI vulnerability. An understanding of race conditions, OS vulnerabilities and the "cracker mindset" should also be dealt with and these are not necessarily CGI issues.

      I am rather conflicted as to the placement of the security section, but at the very least, a brief overview of security should be near the start of the tutorial with an explanation of why it is so important. Then, have security "checkpoints" throughout the tutorial to show possible exploits. It's too serious of an issue to not deal with up front.

      Cheers,
      Ovid

        Security "checkpoints"; I like that *grin*

        I see your point, weaving security throughout the tutorial would strengthen it; rather than just a single spot.

        Roy Alan

RE: A call for help from fellow Monks!
by ivory (Pilgrim) on Aug 08, 2000 at 01:48 UTC
    I like this idea a lot! I agree that exercises and sample answers are really important. One thought: For each new concept, could you do an overview before getting into the specifics? That really helps sometimes.

    Ivory
