Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

[Perl-CGI] Print non-interpolated string

by Digioso (Novice)
on Apr 03, 2014 at 21:22 UTC ( #1081013=perlquestion: print w/ replies, xml ) Need Help??
Digioso has asked for the wisdom of the Perl Monks concerning the following question:

Heya Monks,

this may be just a stupid question but I couldn't find any solution for it so far... Basically I have a HTML form with a textarea you can copy anything you like into. The text is transferred via post method and then I want it to be displayed. So far so easy... But now I copy for example something like a whole Perl Script into the textarea. After clicking on submit Perl now starts to execute the contents of the textarea. My question is: How can I just display the text without Perl trying to execute it? Basically... how did they do it on this very website here with the \<code\> tags?
Just try using the sample script and copy the source code of the sample script into the textarea field in your browser.

Sample script:
#!/usr/bin/perl -w use warnings; use strict; use CGI; use CGI::Carp qw/fatalsToBrowser warningsToBrowser/; my $cgi = CGI->new(); print $cgi->header, # create the HTTP header $cgi->start_html(-title=>"Test", -author=>'webmaster at digioso.org'); if($ENV{'REQUEST_METHOD'} eq 'GET') { print qq{<form action = "textareatest.pl" name = "form" method = " +post"> <textarea name = "text" cols = "50" rows = "10"></text +area><br/> <input type = "submit"/> </form>}; } elsif($ENV{'REQUEST_METHOD'} eq 'POST') { my $text = $cgi->param('text'); print qq{$text<br/>}; } else { print "Unknown request method!<br/>"; } print "</body></html>"; exit 0;

Comment on [Perl-CGI] Print non-interpolated string
Download Code
Re: [Perl-CGI] Print non-interpolated string
by choroba (Abbot) on Apr 03, 2014 at 22:37 UTC
    After clicking on submit Perl now starts to execute the contents of the textarea
    I cannot reproduce the problem. If I run your script, HTML in the textarea is interpreted by the browser, but Perl commands are not run. To prevent the contents from evaluation, just replace all & to &amp;, and all < to &lt;.
    $text =~ s/&/&amp;/g; $text =~ s/</&lt;/g;
    لսႽ ᥲᥒ⚪⟊Ⴙᘓᖇ Ꮅᘓᖇ⎱ Ⴙᥲ𝇋ƙᘓᖇ
      Thanks for the links all. I'll check them out.
      For now I have uploaded my sample script here: http://digioso.org/textareatest.pl
      Weird thing that you cannot reproduce it. Possibly could have to do with the webserver settings or the installed Perl version then.
      Neither are under my control unfortunately since I'm on a large webhoster.
Re: [Perl-CGI] Print non-interpolated string
by Anonymous Monk on Apr 03, 2014 at 22:47 UTC
    See escapeHTML in CGI documentation, also see DebugCGI
Re: [Perl-CGI] Print non-interpolated string
by graff (Chancellor) on Apr 03, 2014 at 23:45 UTC
    If you want to preserve white-space patterns (e.g. line breaks, line-initial spaces, etc) when the browser displays the submitted text, you should apply the conversions described by choroba above, and then
    print qq{<pre>\n$text\n</pre><br/>};
      Thanks for this. :)
      It works with chorobas snippet and yours.
      I tried the escapeHTML function but Perl said that it couldn't find this one. According to the version 3.65 manual escapeHTML is being executed automatically.
      My webserver has CGI.pm version 3.42 installed.
      So my guess is that escapeHTML is a feature that was introduced in a later version.

        I tried the escapeHTML function but Perl said that it couldn't find this one.

        If you want to use the functional interface, either import the function, or use its fully qualified name (full name)

        According to the version 3.65 manual escapeHTML is being executed automatically.

        Well, you didn't understand what you read -- you're not using any of the form generators which would do this automatically

        So my guess is that escapeHTML is a feature that was introduced in a later version.

        Its been there for at least 20 years

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1081013]
Approved by boftx
Front-paged by ww
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (6)
As of 2014-07-24 21:25 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (167 votes), past polls