I am building a signup form with Perl (using the CGI module) and a recaptcha. The form works fine and submits the data to a SQL database. However, when I create another user with the form, the data entered into the database is the same as the first user. I am retrieving the form data in my verification page using my $var = $cgi->param('param_name');
Do I need to clear the params, or is it something else. (I tried $cgi->delete_all();
but that didn't seem to do anything)
Form Verification Code: (It is literally a prototype, so security has not been addressed yet)
my $challenge = $q->param('recaptcha_challenge_field');
my $response = $q->param('recaptcha_response_field');
my $username = $q->param('Username');
my $password = $q->param('Password');
my $name = $q->param('Name');
my $email = $q->param('Username');
my $security = $q->param('Security');
my $answer = $q->param('Answer');
my $permissions = 1;
# Verify submission
my $result = $c->check_answer(
"my_private_key", $ENV{'REMOTE_ADDR'},
$challenge, $response
);
if ( $result->{is_valid} ) {
insert_new_user();
print $q->redirect('cgi-bin/admin/text_campaign.pl');
}
else {
# Error
print $q->redirect('login.pl?crc=false');
}
###############################################################################
# Sub Routines #
###############################################################################
sub insert_new_user
{
my $sql = "INSERT INTO users (u_username, u_password, u_realname, u_email, u_security_question, u_security_answer, PRIVILEGES_idPRIVILEGES)
VALUES(?, ?, ?, ?, ?, ?, ?) ";
my $sth=$dbh->prepare($sql);
$sth->execute($username, $password, $name, $email, $security, $answer, $permissions);
$sth->finish();
return;
}
Yes, that's the way it normally works. Look into the -nosticky "pragma" in the documentation
http://perldoc.perl.org/CGI.html#PRAGMAS
or the delete_all() function.
--- EDIT ---
I played a little with a modified form of the sample that is in CGI.pm's documentation. Including it here for ease of reference, and because i changed it a little.
#!/usr/bin/perl
use CGI qw/-nosticky :standard/;
print header;
print start_html("Example CGI.pm Form");
print "<h1> Example CGI.pm Form</h1>\n";
do_work();
print_prompt();
print_tail();
print end_html;
sub print_prompt {
print "<hr>\n";
print start_form;
print "<em>What's your name?</em><br>";
print textfield('name');
print checkbox('Not my real name');
print "<p><em>Where can you find English Sparrows?</em><br>";
print checkbox_group(
-name=>'Sparrow locations',
-values=>[England,France,Spain,Asia,Hoboken],
-linebreak=>'yes',
-defaults=>[England,Asia]);
print "<p><em>How far can they fly?</em><br>",
radio_group(
-name=>'how far',
-values=>['10 ft','1 mile','10 miles','real far'],
-default=>'1 mile');
print "<p><em>What's your favorite color?</em> ";
print popup_menu(-name=>'Color',
-values=>['black','brown','red','yellow'],
-default=>'red');
print hidden('Reference','Monty Python and the Holy Grail');
print "<p><em>What have you got there?</em><br>";
print scrolling_list(
-name=>'possessions',
-values=>['A Coconut','A Grail','An Icon',
'A Sword','A Ticket'],
-size=>5,
-multiple=>'true');
print "<p><em>Any parting comments?</em><br>";
print textarea(-name=>'Comments',
-rows=>10,
-columns=>50);
print "<p>",reset;
print submit('Action','Shout');
print submit('Action','Scream');
print end_form;
print "<hr>\n";
}
sub do_work {
print "<h2>Here are the current settings in this form</h2>";
for my $key (param) {
print "<strong>$key</strong> -> ";
my @values = param($key);
print join(", ",@values),"<br>\n";
}
}
sub print_tail {
print <<END;
<hr>
<address>Lincoln D. Stein</address><br>
<a href="/">Home Page</a>
END
}
Left as is, this script exhibits the behavior we are discussing. The use of -nosticky doesn't seem to have helped.
However, if i add Delete_all after do_work and before print_prompt(), like so:
print header;
print start_html("Example CGI.pm Form");
print "<h1> Example CGI.pm Form</h1>\n";
do_work();
Delete_all();
print_prompt();
print_tail();
print end_html;
Then the defaults are not prepopulated.
I hope this helps.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.