CassJ has asked for the wisdom of the Perl Monks concerning the following question:
Sorry if this is a bit long-winded. In over my head, I think...
I'm trying to write some code to parse some cgi-uploaded data. At the moment, data is uploaded and unpacked, if required, into a tmp directory and then parsed. The problem is this data could be of various (and ever increasing) types so I want to make it easy to install new parsers.
The GUI is generated using XML and XSLT and it generates a seperate tab for each possible type of data (by some magic that I didn't write and don't understand!). So, when adding a new parser it's just a case of adding a section to the XML, which is easy enough to automate. The cgi-query then contains a param 'upload_data_type' whose value depends on the tab used for upload.
So, I had a ParserFactory which would just take the value of 'upload_data_type' and try to load a class something like:
sub get_a_parser{ my $type = shift; my $parser = "EP::Parser::$type"; eval "require $parser" or die "can't find a parser. Are you sure it's +installed?"; return new $parser; }
The idea being that now all you would need to do to install a new parser is stick the appropriate .pm file in EP/Parser/ and add a section to the GUI XML which sets the 'upload_data_type' param to the name of the .pm file and it'll work.
A colleague says that the eval 'require $parser' stuff makes him uncomfortable cos you only get an error at runtime, but I can't see that it makes much difference as the main script isn't run until the user submits the page so it's not as though we could warn them of the problem earlier even if we caught it at compile time. I guess there could be security issues with loading a module based on a name from a cgi query, but I could strip it of dodgy characters first.
So: is this a bad plan? Is there a better way of doing it?
Thanks for any suggestions,
Cassxx
update:
Thanks for all your help! Cxx
|
---|