CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Perl Programming Help: Intermediate:
2 problems with client input

 



yapp
User

Jun 6, 2002, 11:28 AM

Post #1 of 3 (1089 views)
2 problems with client input Can't Post

I have two problems in my script with client input from CGI.
  1. If the input is in UNICODE (like greek, russian) my ascii-2-html-escapes convertor will mess up with the message.. (causing escapes, like ` to be displayed instead of the 2 byte UNICODE character
  2. Input from a <TEXTAREA> seams to be containing CrLf newline characters.. (at least with IE6 -> IIS/5.1) That's a bit confusing to split (or store in a file), because you'll get bad charage returns... This is because Perl always uses \n, no matter what input we have..


How can I solve these two things??

Yet Another Perl Programmer

_________________________________
~~> [url=http://www.codingdomain.com]www.codingdomain.com <~~
More then 3500 X-Forum [url=http://www.codingdomain.com/cgi-perl/downloads/x-forum]Downloads! Cool


fashimpaur
User / Moderator

Jun 6, 2002, 1:47 PM

Post #2 of 3 (1087 views)
Re: [yapp] 2 problems with client input [In reply to] Can't Post

I'll help with one problem. The other is a mystery to me since
I don't know what code your ascii-2-html-escapes converter is.

So, I am answering question 2.

From IE browsers on windows machines, the textarea input has
\r\n new line terminators. So, if using CGI, I would do the following:


Code
 use strict; 
use CGI;

my $cgi = new CGI;
my $textareavalue = $cgi->param("textarea_name");
$textareavalue =~ s/\r\n/\n/gm;



Hope this helps,
Dennis

$a="c323745335d3221214b364d545".
"a362532582521254c3640504c3729".
"2f493759214b3635554c3040606a0",
print unpack"u*",pack "h*",$a,"\n\n";


yapp
User

Jun 8, 2002, 1:28 AM

Post #3 of 3 (1078 views)
Re: [fashimpaur] 2 problems with client input [In reply to] Can't Post

Here is the code of HTML::EscapeASCII


Code
package HTML::EscapeASCII; 

#
# Copyright (c) 2001, Diederik van der Boor - All Rights Reserved
#
# webmaster@codingdomain.com
# http://www.codingdomain.com
#

use strict;


######################################################################################################
## Make the file settings...

BEGIN
{
use Exporter ();
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);

$VERSION = 1.00;
@ISA = qw(Exporter);

@EXPORT = qw(&FormatFieldHTML &FormatFieldText); # By default
@EXPORT_OK = (); # By request
%EXPORT_TAGS = (); # By tag
}


######################################################################################################


my %ASCIIConvert=(
'"'=>'quot',
'<'=>'lt',
'>'=>'gt',
chr( 34)=>'quot',
##chr( 38)=>'amp',# This is done first, so it doesn't affect characters that have been replaced already.
chr( 60)=>'lt',
chr( 62)=>'gt',
chr(162)=>'cent',
chr(163)=>'pound',
chr(164)=>'curren',
chr(165)=>'yen',
chr(166)=>'brvbar',
chr(167)=>'sect',
chr(168)=>'uml',
chr(169)=>'copy',
chr(170)=>'ordf',
chr(171)=>'laquo',
chr(172)=>'not',
chr(173)=>'shy',
chr(174)=>'reg',
chr(175)=>'macr',
chr(176)=>'deg',
chr(177)=>'plusmn',
chr(178)=>'sup2',
chr(179)=>'sup3',
chr(180)=>'acute',
chr(181)=>'micro',
chr(182)=>'para',
chr(183)=>'midpunt',
chr(184)=>'cedil',
chr(185)=>'sup1',
chr(186)=>'ordm',
chr(187)=>'requo',
chr(188)=>'fraq14',
chr(189)=>'frac12',
chr(190)=>'frac34',
chr(191)=>'iquest',
chr(192)=>'Agrave',
chr(193)=>'Aacute',
chr(194)=>'Acirc',
chr(195)=>'Atilde',
chr(196)=>'Auml',
chr(197)=>'Aring',
chr(198)=>'AElig',
chr(199)=>'Ccedil',
chr(200)=>'Egrave',
chr(201)=>'Eacute',
chr(202)=>'Ecirc',
chr(203)=>'Euml',
chr(204)=>'lgrave',
chr(205)=>'lacute',
chr(206)=>'lcirc',
chr(207)=>'luml',
chr(208)=>'ETH',
chr(209)=>'Ntilde',
chr(210)=>'Ograve',
chr(211)=>'Oacute',
chr(212)=>'Ocirc',
chr(213)=>'Otilde',
chr(214)=>'Ouml',
chr(215)=>'times',
chr(216)=>'Oslash',
chr(217)=>'Ugrave',
chr(218)=>'Uacute',
chr(219)=>'Ucirc',
chr(220)=>'Uuml',
chr(221)=>'Yacute',
chr(222)=>'THORN',
chr(223)=>'szlig',
chr(224)=>'agrave',
chr(225)=>'aacute',
chr(226)=>'acirc',
chr(227)=>'atilde',
chr(228)=>'auml',
chr(229)=>'aring',
chr(230)=>'aelig',
chr(231)=>'ccedil',
chr(232)=>'agrave',
chr(233)=>'eacute',
chr(234)=>'ecirc',
chr(235)=>'euml',
chr(236)=>'igrave',
chr(237)=>'iacute',
chr(238)=>'icirc',
chr(239)=>'iuml',
chr(240)=>'ograve',
chr(241)=>'ntilde',
chr(242)=>'ograve',
chr(243)=>'oacute',
chr(244)=>'ocirc',
chr(245)=>'otilde',
chr(246)=>'ouml',
chr(247)=>'divide',
chr(248)=>'oslash',
chr(249)=>'ugrave',
chr(250)=>'uacute',
chr(251)=>'ucirc',
chr(252)=>'uuml',
chr(253)=>'yacute',
chr(254)=>'thorn',
chr(255)=>'yuml',
);

my %HTMLConvert = reverse %ASCIIConvert;

my $ASCIIList = '(['. join('', sort keys %ASCIIConvert) .'])';
my $HTMLList = '('. join('|', sort keys %HTMLConvert) .')';

##################################################################################################
## HTML Escape Convert

sub FormatFieldHTML(@)
{
foreach(@_)
{
s/\&/&amp;/g;
s/$ASCIIList/\&$ASCIIConvert{$1};/g;
}
}

sub FormatFieldText(@)
{
foreach(@_)
{
s/\&$HTMLList;/$HTMLConvert{$1}/g;
s/&amp;/&/g;
}
}

1;


__END__

=head1 NAME

HTML::EscapeASCII - Converts special ASCII characters to HTML escape codes

=head1 SYNOPSIS

use HTML::EscapeASCII;

my @Fields = ('RenE<egrave>', 'Bites & bytes', 'Say <hello>');

&FormatFieldHTML(@Fields); # @Fields now is HTML text
# Values: Ren&egrave;, Bites &amp; bytes, Say &lt;hello&gt;

&FormatFieldText(@Fields); # @Fields is restored as plain text.


=head1 DESCRIPTION

This module makes converts plain text ASCII codes into HTML escape codes.
This will be very useful when showing the text input from a user,
preventing any text evaluated as HTML codes.

=head2 Exported Functions

=over

=item FormatFieldHTML(@Array)

Converts all the items in @Array from plain ASCII into HTML escape codes where useful.

=item FormatFieldText(@Array)

Reverses the changes done by FormatFieldHTML. All HTML escape codes are
replaced by their real ASCII equivalents.

=back

=head1 AUTHOR

Copyright (c) 2001, Diederik van der Boor - All Rights Reserved

webmaster@codingdomain.com
http://www.codingdomain.com

=cut


Yet Another Perl Programmer

_________________________________
~~> [url=http://www.codingdomain.com]www.codingdomain.com <~~
More then 3500 X-Forum [url=http://www.codingdomain.com/cgi-perl/downloads/x-forum]Downloads! Cool

 
 


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives