I'm trying to access a cgi script when a form is submitted. With that script, I want to display a page that basically says, "Is this info correct?" and show them what they entered. Then, if they hit "Yes", I want to send an email to myself with their info. If no, I want it to go back to the previous page. I'm not sure how to do this. I'm stuck after creating the confirmation page. Here's what I have so far:

#!/usr/bin/perl
#confirmSubscribe.cgi


print "Content-type: text/html\n\n";
use CGI qw(:standard);
use Mail::Sendmail;
use strict;


#var declarations
my ($firstName, $lastName, $email, $street, $city, $state, $zip, $msg, %mail);


#var values
$firstName = param('firstName');
$lastName = param('lastName');
$email = param('email');
$street = param('street');
$city = param('city');
$state = param('state');
$zip = param('zip');


#create page
sub send
print header;
print <<endHtml;
<html>
<head>
<title>Please confirm your information</title>
<body>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p align="center" /><h2>Please confirm your information:</h2></p>
<p><font size="4" face="Arial">$firstName $lastName<br />
$email<br />
$street<br />
$city, $state  $zip</font></p><br /><br />
<form method="post" action="http://www.sgnscoops.com/Magazines/magazineMain.html">
<input type="submit" value="Yes, it's correct.">
</form><form method="link" action="http://www.sgnscoops.com/cgi-bin/subscriptionSent.cgi">
<input type="button" value="No, I made a mistake.">
</form>
</body>
</html>
endHtml
sub send
print header;
print <<endHtml;

no curly braces after sub send.

sub send()
{
#code
}

send() is never called in the main body of the cgi.

...well, okay. If we're actually going to try to critique. Um... nothing whatsoever in the script actually attempts to send an email.

That's kinda the root of my earlier comment. The whole thing isn't even a framework of what's described as the objective; it's a non-functional beginning of some of it. So it seems like the OP isn't asking for debugging assistance or critique so much as to have the rest of his script (his homework?) written for him.

...well, okay. If we're actually going to try to critique. Um... nothing whatsoever in the script actually attempts to send an email.

That's kinda the root of my earlier comment. The whole thing isn't even a framework of what's described as the objective; it's a non-functional beginning of some of it. So it seems like the OP isn't asking for debugging assistance or critique so much as to have the rest of his script (his homework?) written for him.

Yeah but notice that in the <form> action, different pages are being called as the action, likely the email is being dealt with there. Although I think that the actions are reversed. It makes more sense that Yes should go to the subscriptionSent.cgi and No should go back to the HTML page where the info was entered to begin with.

<form method="post" action="http://www.sgnscoops.com/Magazines/magazineMain.html">
<input type="submit" value="Yes, it's correct.">
</form><form method="link" action="http://www.sgnscoops.com/cgi-bin/subscriptionSent.cgi">
<input type="button" value="No, I made a mistake.">
</form>

You should use one script to handle the entire process. But, writing CGI scripts is not a good idea for a person that seems to not have any experience and probably does not understand even the basics of writing secure CGI scripts. I suggest you hire a programmer, one that can demonstrate that they can write a secure CGI script. A script like this should not cost very much. You can post jobs on many websites and take bids from programmers.

I agree that processes like this should be written in one script. People always get too hung up on the 'page' paradigm and break processes across scripts in a way that just doesn't help anything.

But, erm, not for nothin'... but how would this guy actually know if a programmer had demonstrated an ability to write a secure CGI script or not?

Ask for references, read comments from previous customers, have their work reviewed by a third party. It would still be possible to be fooled but many of the hire-a-programmer sites do a good job of hooking up customers with good programmers.

They can always try and hack/crack the script to see what happens under various conditions, which is the acid test of any CGI script.

First of all, it is not homework. I'm trying to learn Perl. No one is an ace when they first start learning something. I don't want anyone to write the script for me: I wouldn't learn anything that way.

Major, I did accidentaly have the links switched around for the buttons. Also, the "sub send" I forgot to delete before I posted the code.

Chaos, I didn't attempt the email portion yet because I want to make sure that I set it up correctly before doing so.

When "Yes" is clicked, can I just send an email then, or do I need to have another CGI script perform this?

looks like you're on the right track but I'd follow Kevin and chaos' advice and keep it as one script instead of calling multiple pages you'll need to encapsulate the three different modes of the page in subs and call the appropriate one given the situation. Something like the following will work using a hidden input in your forms with the name action. Depending on what you set action to be you can determine the flow of the cgi.

if ($ENV{'REQUEST_METHOD'} eq "POST")
{
  if (param('action') eq "validate")
  {
    &ShowValidate();
  }
  elsif (param('action') eq "accept")
  {
    &Accept();
  }
  elsif (param('action') eq "reject")
  {
    &ShowEnterData();
  }
  else
  {
    &ShowEnterData();
  }
}
else
{
  &ShowEnterData();
}

the code basically looks to see if this has been POSTed and if it has, depending on what the action was the cgi will call different subs to deal with the info posted. If the page hasn't been POSTed it will perform the ShowEnterData() sub and by default if it doesn't understand the action sent (if it's being spoofed say) it will perform ShowEnterData().

Can I access a subroutine when a button is clicked on a form with a generated page?

Yes you can. It does not matter if the page is static or dynamic.

if (some condition) {
   do_this()
}

You can also make a hash table where the values of the hash keys are references to subroutines.

Should I use JavaScript for this?

Since I'm generating an HTML page, I can't incorporate Perl directly into it, can I? I don't know if it makes a difference that the page is generated by Perl and isn't a stand alone page.

Never mind. Stupid question. Just disregard my last post. *rolls eyes*

This article has been dead for over six months. Start a new discussion instead.