Validating alphanumeric characters and entering data from an HTML form

Question

Validating alphanumeric characters and entering data from an HTML form

I am new to Perl programming and have several compilation problems that I cannot solve. My program is getting data from this HTML form.

Question: Should my form use a message or get method?

<FORM action="./cgi-bin/Perl.pl" method="GET">
     <br>
     Full name: <br><input type="text" name="full_name" maxlength="20"><br>
     Username: <br><input type="text" name="user_name" maxlength="8"><br>
     Password: <br><input type="password" name="password" maxlength="15"><br>
     Confirm password: <br><input type="password" name="new_password" maxlength="15"><br>

I open a CSV file, write the user_name value to an array, and do a series of checks on the user login.

Problem # 1: I need to check that the fully qualified username, username, password and new_password are alphanumeric or spaces, but I keep getting a few errors that look like this:

Use of uninitialized value $full_name in string eq at Perl.pl line 33

I don't think I used the CGI correctly to get these values from the form. I also believe that I am checking alphanumeric characters incorrectly. How can I solve this?

Problem # 2: I need to redirect a user to a specific web page if their passwords don't match and if the username has already been met. I've used a meta redirect, but it's not as successful. How can I show the correct error page?

This is my code:

#!/usr/bin/perl 
use CGI qw(:standard);
use strict;
use warnings;

print "Content-type: text/html\n\n";

#opening Members.csv for reading
my $file = '/home/2014/amosqu/public_html/cgi-bin/Members.csv';
open(my $csv, '<', $file)  || die "Could not open your file";

#getting these from HTML form
my $full_name = param('full_name');
my $user_name= param('user_name');
my $password = param('password');
my $new_password = param('new_password');

my @users = ();

#splitting each line of csv file
foreach (<$csv>) {
     chomp;
     my @fields = split (/\,/);
     push @users, $fields[1]; #put all usernames inside of array
}

close $csv;

#opening Members.csv for appending
open(my $fh, '>>', $file) || die "Could not open your file";

#SOURCE OF PROBLEM 1
#checking that all values are alphanumeric
if(($full_name && $user_name && $password && $new_password) eq /\A[[:alnum:]]+\z/) {
      #if passwords don't match, redirect to error page
      if($password ne $new_password){
         print qq(<html>\n);
         print qq(<head>\n);
         print qq(<title> Passwords don't match. </title> \n);
         print qq{<meta http-equiv="refresh"content="5;URL="http://www.cs.mcgill.ca/~amosqu/registration.html">\n};
         print qq(</head>\n);
         print qq(<body>\n);
         print qq(<b><center> Passwords don't match </b></center>\n\n);
         print qq(</body>\n);
         print qq(</html>\n);
     }
      #if they do match, check that user name isn't in Members.csv
      else { 
          if(grep (/$user_name/, @users)) {
             print qq(<html>\n);
             print qq(<head>\n);
             print qq(<title> Sorry username already taken. </title>\n);
             print qq{<meta http-equiv="refresh"content="5;URL="http://www.cs.mcgill.ca/~amosqu/registration.html">\n};
             print qq(</head>\n);
             print qq(<body>\n);
             print qq(<b><center> Username already taken. </b></center>\n\n);
             print qq(</body>\n);
             print qq(</html>\n);
        }
        #if it isn't already in Members.csv append values to the file
        else { 
             print $fh "$full_name, $user_name, $password \n";
       }
    }
}

close $fh;

+3

html perl alphanumeric

sofdelg 02 dec. '14 at 7:35

source to share

1 answer

Borodin · Answer 1 · 2014-12-02T09:22:06+0000

This should get you started. There are a number of issues with your code that don't stop it from working, but the current wisdom is not to use CGI

at all, so I'll roll with you.

Use GET

if you don't have a compelling reason to usePOST
The problem is here
```
if(($full_name && $user_name && $password && $new_password) eq /\A[[:alnum:]]+\z/) {

      

        
        
        
      

    
```
You are using a Boolean operation &&

, which concatenates the truth of three variables and checks if it matches as a string the content matches $_

this regular expression.

You have to test each of the variables separately and use the bind operator =~

to test them against a regular expression. This is also a bad form of using POSIX character classes. I suggest you use grep

like this
```
my $mismatch = grep /[^A-Z0-9]/i, $full_name, $user_name, $password, $new_password;

      

        
        
        
      

    
```
Now $mismatch

true if any of the variables contains a non-alphanumeric character. (Strictly, it is set to the number of variables that have a non-alphanumeric character, which is zero (false) if none of them do.)

Then you can say
```
if (not $mismatch) { ... }

      

        
        
        
      

    
```
It looks like you just need else

one that creates a separate page.

Validating alphanumeric characters and entering data from an HTML form

More articles: