
What is the difference between pre($ENV{'QUERY_STRING'}) and ($cgi->param())?

For a Perl CGI script, what is the difference (technically) between these two?

#!/usr/bin/perl 
use CGI; 
$cgi = new CGI; 
print $cgi->header(),
$cgi->start_html(),
$cgi->pre($cgi->param()), 
$cgi->end_html();

and

#!/usr/bin/perl 
use CGI; 
$cgi = new CGI; 
print $cgi->header(),
$cgi->start_html(), 
$cgi->pre($ENV{'QUERY_STRING'}), 
$cgi->end_html();

Assume an HTTP request like this:

GET my.cgi?foo=bar&baz=buz

When run under a webserver with a conventional CGI interface, the environment variable QUERY_STRING will be foo=bar&baz=buz. The environment variable will not be URL-unescaped. Printing it with $cgi->pre(...) will simply enclose the env var with <pre></pre> tags (or a single <pre /> tag if the value is, or is coerced to, an empty string).

$cgi->param(), on the other hand, and assuming a list context with no arguments, will return a list of URL-unescaped CGI parameter names, in this case foo and bar.

(Note that $cgi->pre(...) does not HTML-escape its argument, so $ENV{QUERY_STRING} might just jeopardize your cgi with a little cross-site scripting injection.)
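Added example, not part of the answers on this page: a stand-alone Perl script that prints the raw QUERY_STRING, the decoded names and values from param(), and the output of pre() with and without HTML escaping. The request environment and its query string are constructed sample input, and the script assumes CGI.pm is installed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI;

# Constructed request environment (sample input, not from the page).
# The query string holds one percent-encoded value and one markup fragment.
$ENV{REQUEST_METHOD} = 'GET';
$ENV{QUERY_STRING}   = 'foo=bar%20baz&note=<b>hi</b>';

my $cgi = CGI->new;

# 1. The environment variable is the unparsed, still percent-encoded string.
my $raw = $ENV{QUERY_STRING};

# 2. param() with no arguments, in list context, returns the decoded
#    parameter names.
my @names = $cgi->param;

# 3. param($name) in scalar context returns the first decoded value
#    stored under that name.
my %value;
$value{$_} = $cgi->param($_) for @names;

# pre() wraps its argument in <pre> tags without HTML-escaping it, so text
# taken from the request is passed through escapeHTML() before output.
my $unescaped = $cgi->pre($raw);
my $escaped   = $cgi->pre($cgi->escapeHTML($raw));

print "raw query string : $raw\n";
print "parameter names  : @names\n";
print "value of $_ : $value{$_}\n" for @names;
print "pre() unescaped  : $unescaped\n";
print "pre() escaped    : $escaped\n";
```

Run from a shell, the last two lines show the markup fragment passing through pre() unchanged in the first case and as HTML entities in the second.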

The param method on the CGI object returns a list of all query parameters, including GET and POST parameters, unless you pass in an argument, in which case it looks for a parameter with that name and returns the value.

The QUERY_STRING environment variable contains the unparsed query string.

This would have been pretty obvious if you had tried the code in question.

Here is the documentation for param.

Per the source of CGI.pm:

#### Method: param
# Returns the value(s)of a named parameter.
# If invoked in a list context, returns the
# entire list.  Otherwise returns the first
# member of the list.
# If name is not provided, return a list of all
# the known parameters names available.
# If more than one argument is provided, the
# second and subsequent arguments are used to
# set the value of the parameter.

QUERY_STRING is set by the web server; it is simply the query string from the URI. You can read more about it here.
