validating radiogroup with perl/cgi
Is it possible to validate a radio group (so something is checked off, or chosen) using server-side validation with Perl? If so, how?
I already have it for JavaScript, but I want this form to be able to be submitted even without JavaScript enabled. Thus I will need the validation on the server-side.
Th开发者_JAVA百科ere is no fixed name for the radio group, it can change, however there must be a name, so that @names = $cgi->param()
will give all the names.
I'm thinking along something that will give me the type, like the type in JavaScript, to determine if it's a radio button in a group.
Your CGI script receives form fields as name-value pairs without any information as to what type of visual form element generated the values.
Your CGI script must know the names of the input variables whose values it is going to validate. Having the names supplied to the script based on untrusted user input is risky IMHO—that includes using another field whose value is the name of the radio group.
Say, you have a variable called contact_me
which can take on values "yes"
and "no"
. There is absolutely no reason for your CGI script to care if the value was provided using
<select name="contact_me">
<option value="yes" selected="1">Please do!</option>
<option value="no">Oh no!!!</option>
</select>
or using
<input type="radio" name="contact_me" value="yes" checked="1">
<input type="radio" name="contact_me" value="no">
or if the user typed her answer into the text field
<input name="contact_me">
The only thing your CGI script needs to concern itself with is if the value of contact_me
is "yes"
or "no"
.
It looks like you do not have a firm grasp of CGI. Please see The World Wide Web Security FAQ: CGI (Server) Scripts as a starting point.
Please stop all of your CGI development until you understand the ramifications. I retract this remark in light of your comments clarifying the use of a config file to define parameter names (which, in principle, is orders of magnitude safer).
Pass another hidden input field containing the name of the radiogroup, then just read
@values = $cgi->param($cgi->param("radiogroup_name")); // IIRC
精彩评论