Perl Example #6
Dynamic Web Pages with Perl and CGI

About the Program

This Perl example contains two separate programs. The first one, the "FORM Program", creates a simple HTML form requesting input from the user. After the "submit" button is activated, this program will call a second program, the "CALENDAR Program", which generates a web page containing a calendar for the requested month and a random graphic loaded from a directory full of JPEG images.

The FORM Program:    form.pl
#!/usr/local/bin/perl

# This program is just one very long print statement written in Perl.  
# When it is run from the web-server, however, it will send the text
# between the two EOF markers to a user who has requested the file.
# That text is standard HTML code that will be displayed properly as 
# a web page by that person's browser.

print <<EOF;
Content-type: text/html

<HTML>
<BODY BGCOLOR=WHITE TEXT=BLACK>
<CENTER>
<H1> Creating a Dynamic Calendar <br>
 with CGI and Perl </H1>
</CENTER>
This simple web page prints out a form requesting a name and date from 
a user.  When the submit button is pressed, it will call a second Perl 
program that generates a presonalized calendar using that information.
 These two Perl Scripts must reside in a special "<B>CGI</B>"directory 
called <B>cgi-bin</B> which is created as a sub-directory off of 
<B>web-docs</B>, and must have the proper permissions in order for the
pages to work on the web server. <br>
<p>

<H3> Let's get some information:</H3>
<FORM METHOD = "GET" ACTION="answer3.pl">
<br>
Enter your name:<br>
<INPUT TYPE = "TEXT" NAME = "name" SIZE = "30">
<br>
<br>

Enter a month:
<SELECT NAME = "month" VALUE="Month" >
<OPTION SELECTED>1
<OPTION>2
<OPTION>3
<OPTION>4
<OPTION>5
<OPTION>6
<OPTION>7
<OPTION>8
<OPTION>9
<OPTION>10
<OPTION>11
<OPTION>12
</SELECT>
 
   
   
Enter a year:
<INPUT TYPE = "TEXT" 
    NAME = "year" SIZE = "4">
<br>
<br>
<br>
<INPUT TYPE = "RESET" 
    NAME = "reset" VALUE = "Clear Entries"> 
<br>
<br>
<br>
FORM Program Output
 

<INPUT TYPE = "SUBMIT" NAME = "submit" VALUE = "Submit Calendar Request">
<br>
</BODY>
</HTML>
EOF


The CALENDAR Program:    calendar.pl
#!/usr/local/bin/perl

# This includes a library module written by Steven Brenner
# that allows the use of a nice function called "ReadParse".

require '/www/cgi/cgi-lib.pl';

# The function returns a hash of the input from a "CGI form".  The
# hash keys are the variable names identified in that original form.
# The hash values contain the information submitted by the user.

&ReadParse(%in);  

# The following will make a listing of JPEG images in a parallel
# directory.  The function "srand" will set a seed for a pseudorandom
# number generator that will be used later.  The web page will 
# display a random graphic from that directory.

srand;   #  Initialize random number seed
$i = 0;
while (<../images/*.jpg >) # Loop though all files in other directory
{
  $pictures[$i++] = $_;    # Make an array of JPEG image names
}  
$image = $pictures[int(rand($i))];  # Select random file name from set

# The next routine attempts to solve a serious security problem 
# in this program.  If the user enters the year, followed by a 
# semi-colon, another UNIX command can be put on the same line.
# After the server finishes running "cal", it will run that other
# command also. Potentially evil things could happen!  The next 
# "if" clause scans through the user's input, and if there is a
# pattern match for a semi-colon, an alternative page is printed.

if ( $in{"year"} =~ ";") 

{print <<ERR;

Content-type: text/html

<HTML>

<BODY BGCOLOR=WHITE TEXT=BLACK>

<H3>Hello, $in{"name"}! 
    No Calendar today...   
<br></H3>

<IMG SRC= "$image">

</BODY>

</HTML>

ERR
}
   
CALENDAR Output
 (Bad Input Value) 




# If the input is "OK", then the "else" clause is executed.  This
# will run the UNIX command "cal" for the specific month, as well
# as the full year, and will display the web page.

else{

# The next few lines concatenates month and year into a single string
# and use "cal" to generate both monthly and yearly calendars.

$date = $in{"month"}." ".$in{"year"};  
@calendar = `cal $date`;    
@year = `cal $in{"year"}`;

# From this point forward, the standard HTML code is printed.

print <<EOF;
Content-type: text/html

<HTML>
<BODY BGCOLOR=WHITE TEXT=BLACK>
<H3>Hello, $in{"name"}!     
    Here's your monthly calendar...   
<br>
</H3>
<TABLE>
<TR>
<TD>
<B>
<PRE>
<FONT COLOR = "#FF0000" SIZE=5>
@calendar
</FONT>
</PRE>
</B>
</TD>
<TD>
<IMG SRC = "$image">
</TD>
</TR>
</TABLE>
<BR>
<FONT SIZE = 4>
The Full Year $in{"year"} 
</FONT>
<PRE>
@year
</PRE>


</BODY>
</HTML>
EOF
}
CALENDAR Output
 (Valid Input )

FORM program: ex6a.pl

CALENDAR program: ex6b.pl

dhyatt@thor.tjhsst.edu