|No such thing as a small change|
(Ovid - why your CGI code is broken) Re(2): "Action" variables and form databy Ovid (Cardinal)
|on Apr 10, 2001 at 11:44 UTC||Need Help??|
You ask why your code is broken, so here goes:
Your suggestion on how to parse the CGI code reveals a subtle flaw that is, unfortunately, all to common in programming: it's not robust.
Here's the original FORM tag:
Here's your code to parse it:
That code is going to work perfectly fine and as long as the format string remains the same, you can test it all day long and not notice problems. However, the following query strings will all break:
All of the above are valid query strings (even the second with duplicate parameter names), but will cause your code to fail, or in the case of the last one, to produce output the programmer may not be testing for ($action eq 'process r%E9sum%E9'). The problem is that while your code works now, the first time some programmer in the future tries to do something unexpected with the query string, your code will fail. Part of our job as programmers is to anticipate issues like this and write code that is robust enough to handle these issues.
Hope this helps!
Join the Perlmonks Setiathome Group or just click on the the link and check out our stats.