Validating alphanumeric characters and entering data from an HTML form
I am new to Perl programming and have several compilation problems that I cannot solve. My program is getting data from this HTML form.
Question: Should my form use a message or get method?
<FORM action="./cgi-bin/Perl.pl" method="GET">
<br>
Full name: <br><input type="text" name="full_name" maxlength="20"><br>
Username: <br><input type="text" name="user_name" maxlength="8"><br>
Password: <br><input type="password" name="password" maxlength="15"><br>
Confirm password: <br><input type="password" name="new_password" maxlength="15"><br>
I open a CSV file, write the user_name value to an array, and do a series of checks on the user login.
Problem # 1: I need to check that the fully qualified username, username, password and new_password are alphanumeric or spaces, but I keep getting a few errors that look like this:
Use of uninitialized value $full_name in string eq at Perl.pl line 33
I don't think I used the CGI correctly to get these values ββfrom the form. I also believe that I am checking alphanumeric characters incorrectly. How can I solve this?
Problem # 2: I need to redirect a user to a specific web page if their passwords don't match and if the username has already been met. I've used a meta redirect, but it's not as successful. How can I show the correct error page?
This is my code:
#!/usr/bin/perl
use CGI qw(:standard);
use strict;
use warnings;
print "Content-type: text/html\n\n";
#opening Members.csv for reading
my $file = '/home/2014/amosqu/public_html/cgi-bin/Members.csv';
open(my $csv, '<', $file) || die "Could not open your file";
#getting these from HTML form
my $full_name = param('full_name');
my $user_name= param('user_name');
my $password = param('password');
my $new_password = param('new_password');
my @users = ();
#splitting each line of csv file
foreach (<$csv>) {
chomp;
my @fields = split (/\,/);
push @users, $fields[1]; #put all usernames inside of array
}
close $csv;
#opening Members.csv for appending
open(my $fh, '>>', $file) || die "Could not open your file";
#SOURCE OF PROBLEM 1
#checking that all values are alphanumeric
if(($full_name && $user_name && $password && $new_password) eq /\A[[:alnum:]]+\z/) {
#if passwords don't match, redirect to error page
if($password ne $new_password){
print qq(<html>\n);
print qq(<head>\n);
print qq(<title> Passwords don't match. </title> \n);
print qq{<meta http-equiv="refresh"content="5;URL="http://www.cs.mcgill.ca/~amosqu/registration.html">\n};
print qq(</head>\n);
print qq(<body>\n);
print qq(<b><center> Passwords don't match </b></center>\n\n);
print qq(</body>\n);
print qq(</html>\n);
}
#if they do match, check that user name isn't in Members.csv
else {
if(grep (/$user_name/, @users)) {
print qq(<html>\n);
print qq(<head>\n);
print qq(<title> Sorry username already taken. </title>\n);
print qq{<meta http-equiv="refresh"content="5;URL="http://www.cs.mcgill.ca/~amosqu/registration.html">\n};
print qq(</head>\n);
print qq(<body>\n);
print qq(<b><center> Username already taken. </b></center>\n\n);
print qq(</body>\n);
print qq(</html>\n);
}
#if it isn't already in Members.csv append values to the file
else {
print $fh "$full_name, $user_name, $password \n";
}
}
}
close $fh;
source to share
This should get you started. There are a number of issues with your code that don't stop it from working, but the current wisdom is not to use CGI
at all, so I'll roll with you.
-
Use
GET
if you don't have a compelling reason to usePOST
-
The problem is here
if(($full_name && $user_name && $password && $new_password) eq /\A[[:alnum:]]+\z/) {
You are using a Boolean operation
&&
, which concatenates the truth of three variables and checks if it matches as a string the content matches$_
this regular expression.You have to test each of the variables separately and use the bind operator
=~
to test them against a regular expression. This is also a bad form of using POSIX character classes. I suggest you usegrep
like thismy $mismatch = grep /[^A-Z0-9]/i, $full_name, $user_name, $password, $new_password;
Now
$mismatch
true if any of the variables contains a non-alphanumeric character. (Strictly, it is set to the number of variables that have a non-alphanumeric character, which is zero (false) if none of them do.)Then you can say
if (not $mismatch) { ... }
-
It looks like you just need
else
one that creates a separate page.
source to share