Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Preventing GET and POST from getting mixed-up

by xaphod (Monk)
on Aug 19, 2003 at 08:13 UTC ( [id://284816]=perlquestion: print w/replies, xml ) Need Help??

xaphod has asked for the wisdom of the Perl Monks concerning the following question:

I'm writing a mod_perl handler. Nothing exciting, just learning the art and having fun. Only I've hit a little snag-ette...

I have a form like this:

<form action="" method="post"> <input type="hidden" name="form" value="login"> name <input type="text" name="name"> password <input type="text" name="pass"> </form>
I can get the results of this form easilly using Apache::Request.
print "\nParameters:\n"; my $apr = Apache::Request->new($r); my @params = $apr->param; if (@params) { for my $param (@params) { print " $param: ", $apr->param($param), "\n"; } } else { print "NO PARAMETERS\n"; }
Which gives me:
Parameters: form: login name: username pass: password
Which is fine. However, if the URL this is posted to has a GET query string such as http://www.mine.org/handler?name=foo then I get this:
Parameters: name: foousername ## ---- an array form: login pass: password

So, obviously, Apache::Request does not differentiate between GET and POST data. However, I'd like to keep the two seperate. So my question to my fellow monks.... What would be the best way to stop my GET data and my POST data getting mixed up?

I can think of a couple of ways to do it. But I'd like to find a simple, efficient, and elegant solution.

--
TTFN, FNORD

xaphod

Replies are listed 'Best First'.
Re: Preventing GET and POST from getting mixed-up
by liz (Monsignor) on Aug 19, 2003 at 08:20 UTC
    Some people might consider that a feature.

    But if you don't, and assuming you're using mod_perl 1.*, you might want to have a look at the "args" method. If that returns anything, you will have had parameters specified in the query string. And you could remove those arguments from what Apache::Request is returning to you.

    Hope this helps.

    Liz

      What if the same parameter names are specified both in the GET parameters and the POST parameters?

      Do you need to differentiate between these and know which values were passed in which place?

      -- Eric Hammond

        I'm afraid so.

        I'd appreciate it if someone would know a better way, as I will soon have to deal with this myself as well.

        Liz

        Do you need to differentiate between these and know which values were passed in which place?

        Ideally, yes.

        --
        TTFN, FNORD

        xaphod
Re: Preventing GET and POST from getting mixed-up
by Juerd (Abbot) on Aug 19, 2003 at 08:36 UTC

    Combining GET and POST stuff is a feature, but I don't like the feature. So for PLP, I did something different.

    I wanted hashes. There is string => value data, and hashes are the most Perlish interface. Their elements interpolate much easier than method calls. I have %get for the query string stuff and %post for the POST stuff. %post is not built until you need it. Should anyone like to have these combined into one, then they can use %fields. $get{'foo'} is always one item. If there were multiple foos, they're in the arrayref $get{'@foo'}. I hate being surprised by nullbytes or array references :)

    Have a look at PLP::Fields.

    Juerd # { site => 'juerd.nl', plp_site => 'plp.juerd.nl', do_not_use => 'spamtrap' }

Re: Preventing GET and POST from getting mixed-up
by derby (Abbot) on Aug 19, 2003 at 17:13 UTC
    The way I've tackled this before is to retrieve the GET args and then retrieve any POST params. You then have two query strings that you would have to manually parse.

    # First get any GET params my $qgs = $r->args; # If we also have POST params if( $r->method_number == M_POST ) { $qps = $r->content; }

    There's plenty of code around (CGI) that can show you how to correctly split the query strings (taking into account the two param separators and multiple params).

    -derby

Re: Preventing GET and POST from getting mixed-up
by cfreak (Chaplain) on Aug 19, 2003 at 13:19 UTC

    Disclaimer: this is all IMHO :)

    Really, I think the most correct way is to not mix GET and POST methods. If you need to pass parameters to your script along with your form then pass them as hidden fields with your POST and if you're using GET, just use URLs. That way you can use the $ENV{REQUEST_METHOD} to know how your user accessed the script, and still do whatever you need to with the named parameters. Really, what difference does it make how they were passed to the script?

    Again IMHO

    Lobster Aliens Are attacking the world!

      Disclaimer: this is all IMHO :)

      Well, your opinion is perfectly valid, and in that past that's how I've done things (eventually I may giveup on this particular intellectual challenge and just do it as you suggest). But, if possible, I'd like to avoid the need to specify an action in my forms, having my form POSTed to the current URL, which may (or may not) include GET vars.

      --
      TTFN, FNORD

      xaphod

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://284816]
Approved by valdez
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others exploiting the Monastery: (2)
As of 2024-03-15 05:38 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found