http://www.perlmonks.org?node_id=325890


in reply to Confirmation page using HTML::Template & CGI::Application

Excellent points by jeffa and jdtoronto that will be helpful in my own work. Two additional points:

1. True, Javascript is not to be trusted, and I always validate in my Perl script (as a function of untainting input). However, I still occasionally use JS to validate on the client side (if they have it turned on and aren't trying to crack it) as a preliminary filter because it's fast, no delay, no tapping of the server, no screen refresh. Double-coding? Yes. But it might make things more convenient for the average surfer. Just something to keep in mind.

2. If you are rolling your own confirmation page, and using H::T, consider the handy associate setting, which populates your template with the original data (I learned this from jeffa's helpful H::T tutorial):
    use CGI;
    use HTML::Template;

    my $query   = CGI->new;
    my $name    = $query->param('name');
    my $address = $query->param('address');
    my $city    = $query->param('city');
    my $zip     = $query->param('zip');
    # associate => $query fills matching TMPL_VARs from the form parameters
    my $template = HTML::Template->new(filename => '../confirmation.tmpl',
                                       associate => $query,
                                       die_on_bad_params => 0);

—Brad
"A little yeast leavens the whole dough."
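
An added example, not part of the post above: associate copies the raw form parameters into the template, so this sketch pairs it with the server-side validation the post mentions and with HTML::Template's default_escape option, so that echoed values are HTML-escaped on the confirmation page. The field rules, the inline template and the sample submission are constructed for illustration.

```perl
use strict;
use warnings;
use CGI;
use HTML::Template;

# Constructed submission standing in for the real form data.
my $query = CGI->new({
    name    => 'Pat <b>Smith</b>',
    address => '12 Main St.',
    city    => 'Springfield',
    zip     => '62704',
});

# Server-side allow-list patterns (assumed rules for this example).
my %rule = (
    name    => qr/\A([\w .,'-]{1,60})\z/,
    address => qr/\A([\w .,#'-]{1,80})\z/,
    city    => qr/\A([\w .'-]{1,40})\z/,
    zip     => qr/\A(\d{5}(?:-\d{4})?)\z/,
);

# Return the captured (untainted) value per field, plus the rejected fields.
sub validate {
    my ($q) = @_;
    my (%clean, @bad);
    for my $field (sort keys %rule) {
        my $value = $q->param($field);
        if (defined $value && $value =~ $rule{$field}) { $clean{$field} = $1 }
        else                                            { push @bad, $field }
    }
    return (\%clean, \@bad);
}

my ($clean, $bad) = validate($query);

my $tmpl_text = <<'TMPL';
<p>Name: <TMPL_VAR NAME=name></p>
<p>ZIP: <TMPL_VAR NAME=zip></p>
TMPL

my $template = HTML::Template->new(
    scalarref         => \$tmpl_text,
    associate         => $query,
    die_on_bad_params => 0,
    default_escape    => 'HTML',   # escape every TMPL_VAR unless overridden
);

print "Rejected fields: @$bad\n" if @$bad;   # here: name (contains markup)
print $template->output;                     # markup in name is shown escaped
```

In a real handler the rejected-fields branch would re-display the form instead of the confirmation page; the escaping still matters there, because the form is usually re-populated from the same parameters.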

Re: Re: Confirmation page using HTML::Template & CGI::Application
by jdtoronto (Prior) on Feb 02, 2004 at 19:43 UTC
    Good thoughts bradcathey.

    A wonderful example of double-coding, and a useful module for simple form manipulation is CGI::FormBuilder from Nate Wiger. This handy module generates JavaScript validation code that you can put in the form directly, or using HTML::Template.

    In fact Nate has a family of simple modules that work very well together including SQL::Abstract and HTML::QuickTable. I often use these for truly quick and dirty testing stuff or intranet goodies that will never go past the firewall.

    jdtoronto