Web forms have two possible methods of passing information back to
the script that will process the form. Every form will have
something like this:
<form action="/cgi-bin/formpost.pl" method=POST>
<form action="/cgi-bin/formpost.pl" method=GET>
Those mean that the cgi script "formpost.pl" will be called to process the form data. How the data is passed to the cgi script depends upon whether the
method is GET or POST.
Using the GET method means that the cgi form script will receive headers
that actually contain the data from the form. They'll look
something like this:
GET /cgi-bin/formpost.pl?var1=hello+there&button=Send HTTP/1.0
In that case, the "var1" was actually "hello there" and has been
encoded so that it can be transmitted without misinterpretation
(spaces can also be encoded as %20).
The POST method is a little different. In that case, the headers
might look like:
POST /cgi-bin/formpost.pl HTTP/1.0
The Content-length tells the form script how much data it needs to
read, but most folks don't bother to think about these details
and instead use things like Perl's CGI.pm or Uncgi, which
will just get the form data for you without your caring whether it's GET
Note there is one other important difference between GET and POST:
GET requests can be cached, and POSTS cannot. Therefore, you
shouldn't use GET for your forms if the result changes often.
What about when you want to SEND data to a form on
somebody else's machine and get the results?
The simplicity of
GET means that you can easily construct html that will
call the form with specific variables.
<a href="http://aplawrence.com/cgi-bin/formpost.pl?var1=hello+there&button=Send">Click here</a>
You do have to encode
the strings, but that's not hard and (for example) there are
Perl modules that can do that, and also in other languages.
If you want to code the whole thing, of course you could just
open up a connection to port 80 on the server, and manually issue
your GET using the same string you'd use in the html. You could do the same thing for a POST, sending headers like the example above. Again,
most folks would enlist the aid of pre-written modules to
do that. For example, in Perl:
# GET method form
# POST method form
use HTTP::Request::Common qw(POST);
my $req= POST 'http://somesite/formpost.pl', [var1=> $var1,button=>$button];
Notice that in neither case did I do anything to escape the strings. They
wouldn't need any here (no spaces, etc.) but more importantly, the
modules take care of that for you so if you did escape the strings, your
escapes would be escaped again, which probably would get incorrect results
from the form.
If this page was useful to you, please help others find it:
More Articles by Tony Lawrence
- Find me on Google+
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.
Jump to Comments
Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.
Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.
We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.