Perl Example #6
Dynamic Web Pages with
Perl and CGI
About the Program
This Perl example contains two separate programs. The first one,
the "FORM Program",
creates a simple HTML form requesting input from the user. After
the "submit" button is activated, this program will call
a second program, the "CALENDAR Program", which generates a web
page containing a calendar for the requested month and a random graphic
loaded from a directory full of JPEG images.
The FORM Program:    form.pl
#!/usr/local/bin/perl
# This program is just one very long print statement written in Perl.
# When it is run from the web-server, however, it will send the text
# between the two EOF markers to a user who has requested the file.
# That text is standard HTML code that will be displayed properly as
# a web page by that person's browser.
print <<EOF;
Content-type: text/html
<HTML>
<BODY BGCOLOR=WHITE TEXT=BLACK>
<CENTER>
<H1> Creating a Dynamic Calendar <br>
with CGI and Perl </H1>
</CENTER>
This simple web page prints out a form requesting a name and date from
a user. When the submit button is pressed, it will call a second Perl
program that generates a presonalized calendar using that information.
These two Perl Scripts must reside in a special "<B>CGI</B>"directory
called <B>cgi-bin</B> which is created as a sub-directory off of
<B>web-docs</B>, and must have the proper permissions in order for the
pages to work on the web server. <br>
<p>
<H3> Let's get some information:</H3>
<FORM METHOD = "GET" ACTION="answer3.pl">
<br>
Enter your name:<br>
<INPUT TYPE = "TEXT" NAME = "name" SIZE = "30">
<br>
<br>
Enter a month:
<SELECT NAME = "month" VALUE="Month" >
<OPTION SELECTED>1
<OPTION>2
<OPTION>3
<OPTION>4
<OPTION>5
<OPTION>6
<OPTION>7
<OPTION>8
<OPTION>9
<OPTION>10
<OPTION>11
<OPTION>12
</SELECT>
   
   
Enter a year:
<INPUT TYPE = "TEXT"
NAME = "year" SIZE = "4">
<br>
<br>
<br>
<INPUT TYPE = "RESET"
NAME = "reset" VALUE = "Clear Entries">
<br>
<br>
<br>
|
FORM Program Output
|
<INPUT TYPE = "SUBMIT" NAME = "submit" VALUE = "Submit Calendar Request">
<br>
</BODY>
</HTML>
EOF
The CALENDAR Program:    calendar.pl
#!/usr/local/bin/perl
# This includes a library module written by Steven Brenner
# that allows the use of a nice function called "ReadParse".
require '/www/cgi/cgi-lib.pl';
# The function returns a hash of the input from a "CGI form". The
# hash keys are the variable names identified in that original form.
# The hash values contain the information submitted by the user.
&ReadParse(%in);
# The following will make a listing of JPEG images in a parallel
# directory. The function "srand" will set a seed for a pseudorandom
# number generator that will be used later. The web page will
# display a random graphic from that directory.
srand; # Initialize random number seed
$i = 0;
while (<../images/*.jpg >) # Loop though all files in other directory
{
$pictures[$i++] = $_; # Make an array of JPEG image names
}
$image = $pictures[int(rand($i))]; # Select random file name from set
# The next routine attempts to solve a serious security problem
# in this program. If the user enters the year, followed by a
# semi-colon, another UNIX command can be put on the same line.
# After the server finishes running "cal", it will run that other
# command also. Potentially evil things could happen! The next
# "if" clause scans through the user's input, and if there is a
# pattern match for a semi-colon, an alternative page is printed.
if ( $in{"year"} =~ ";")
{print <<ERR;
Content-type: text/html
<HTML>
<BODY BGCOLOR=WHITE TEXT=BLACK>
<H3>Hello, $in{"name"}!
    No Calendar today...   
<br></H3>
<IMG SRC= "$image">
</BODY>
</HTML>
ERR
}
|
 
 
|
CALENDAR Output
(Bad Input Value)
|
# If the input is "OK", then the "else" clause is executed. This
# will run the UNIX command "cal" for the specific month, as well
# as the full year, and will display the web page.
else{
# The next few lines concatenates month and year into a single string
# and use "cal" to generate both monthly and yearly calendars.
$date = $in{"month"}." ".$in{"year"};
@calendar = `cal $date`;
@year = `cal $in{"year"}`;
# From this point forward, the standard HTML code is printed.
print <<EOF;
Content-type: text/html
<HTML>
<BODY BGCOLOR=WHITE TEXT=BLACK>
<H3>Hello, $in{"name"}!    
Here's your monthly calendar...   
<br>
</H3>
<TABLE>
<TR>
<TD>
<B>
<PRE>
<FONT COLOR = "#FF0000" SIZE=5>
@calendar
</FONT>
</PRE>
</B>
</TD>
<TD>
<IMG SRC = "$image">
</TD>
</TR>
</TABLE>
<BR>
<FONT SIZE = 4>
The Full Year $in{"year"}
</FONT>
<PRE>
@year
</PRE>
</BODY>
</HTML>
EOF
}
|
CALENDAR Output
(Valid Input )
|
CALENDAR program: ex6b.pl
dhyatt@thor.tjhsst.edu