Developer

Validate user input in Web forms and CGI apps with these 10 Perl modules

It should come as no surprise that there exists an extensive body of ready-to-use Perl code to make form construction and input validation as painless and streamlined as possible.

Unless the Web site you're currently building is extremely basic, chances are good that it has a couple of interactive forms to collect information from users. These might be simple feedback forms, more complicated registration or membership forms, or sophisticated order processing forms. And although their shapes and sizes might be different, they'll all have one thing in common: before the information submitted through them can be used, it will need to extensively validated and "sanitized" to ensure that it isn't harmful.

Form construction and input validation is thus an integral part of a Web developer's job. Therefore, it should come as no surprise that there exists an extensive body of ready-to-use code to make this process as painless and streamlined as possible. If you're a Perl developer, the single largest repository of these tools is the Comprehensive Perl Archive Network (CPAN) which has hundreds of classes for form generation, testing and processing.

In this document, I've selected ten of the most useful and powerful modules (Table A), with a view to providing you with a broad overview of what's offered and hopefully sparking some ideas for your next development project. Enjoy!

Note: You can install CPAN modules directly from the Internet, by following the instructions provided at:

http://www.cpan.org/misc/cpan-faq.html#How_install_Perl_modules.

Table A


Package Name

Description

CGI.pm

This module is the most full-featured and powerful CGI library currently available. It provides both linear and object-oriented frameworks for CGI scripting, allowing you to programmatically generate HTML markup and form fields, examine POST and GET variables, set and read cookies and sessions, and interface with external environment variables.

Use this module to generate Web forms and HTML markup using object calls, or for advanced form processing and scripting.

CGI::Ex::Validate

This module extends standard CGI input validators with a number of additional features: grouping of form fields, conditional validation based on groups, validation rules in external files and support for YAML. Unlike other validators, it also supports the automatic generation of client-side (JavaScript) validation routines for greater data integrity.

Use this module with complex forms which have inter-connected validation rules, or if you need quick-and-dirty client-side validation.

Data::Validate

This module provides validation routines for common input types: email addresses, credit card numbers, URLs, dates and times, string and number classes, and more.

Use this module to test user input entered in Web forms and ensure it is valid before using it in a calculation/saving it to a file or database.

CGI::Upload

This module is designed to handle HTTP file uploads through a browser. Given a multi-part form submission, it can retrieve information about the file name, size and MIME type, making it possible to easily perform subsequent copy/move/delete operations.

Use this module to support file uploads on your Web site.

CGI::FormBuilder::Multi

This module provides routines to generate, validate, and process multi-page Web forms. It supports all the HTML form input types, and comes with built-in validation routines for most common input types. Sessions are used to maintain state between the different pages of a form.

Use this module to significantly simplify the task of generating and validating multi-page Web forms at run-time.

CGI::Session

This module brings session management capabilities to a CGI application, making it possible to "maintain state" for a client session. It can be used with both DBI and file drivers for data storage, and also comes with built-in debugging capabilities.

Use this module for applications that need to keep track of individual user sessions on a Web site — for example, shopping cart systems or login systems.

CGI::Auth

This module provides a framework for a basic Web login/authentication system. It uses session files stored on the server to track user logins, and reads authentication information from custom-format data files. It also supports HTML templates, which can be used to create customized login/logout screens

Use this module to quickly create a login system for a Web application.

CGI::Application::Mailform

This module is a reusable system for converting form submissions into email. It includes HTML templates for the form and form submission screens that can be customized to specific needs.

Use this module to create a quick-and-dirty Web form that emails its contents to a specified recipient.

Handel::Cart

This module provides an object-oriented framework to creating and maintaining shopping cart contents. It includes built-in methods for adding and removing cart items, updating quantities and prices, calculating totals, retrieving previously saved carts, and saving carts to a database or external storage system.

Use this module to quickly integrate a shopping cart system into a Web site.

CGI::Test 

This module provides a testing framework for CGI programs, allowing you to run them interactively without a Web browser. Its key feature is support for session management, making it possible to simulate a multi-page transaction outside a browser environment.

Use this module to perform regression testing of CGI applications outside a browser environment.

Editor's Picks

Free Newsletters, In your Inbox