Web forms have two possible methods of passing information back to
the script that will process the form. Every form will have
something like this:
<form action="/cgi-bin/formpost.pl" method=POST>
<form action="/cgi-bin/formpost.pl" method=GET>
Those mean that the cgi script "formpost.pl" will be called to process the form data. How the data is passed to the cgi script depends upon whether the
method is GET or POST.
Using the GET method means that the cgi form script will receive headers
that actually contain the data from the form. They'll look
something like this:
GET /cgi-bin/formpost.pl?var1=hello+there&button=Send HTTP/1.0
In that case, the "var1" was actually "hello there" and has been
encoded so that it can be transmitted without misinterpretation
(spaces can also be encoded as %20).
The POST method is a little different. In that case, the headers
might look like:
POST /cgi-bin/formpost.pl HTTP/1.0
The Content-length tells the form script how much data it needs to
read, but most folks don't bother to think about these details
and instead use things like Perl's CGI.pm or Uncgi, which
will just get the form data for you without your caring whether it's GET
Note there is one other important difference between GET and POST:
GET requests can be cached, and POSTS cannot. Therefore, you
shouldn't use GET for your forms if the result changes often.
What about when you want to SEND data to a form on
somebody else's machine and get the results?
The simplicity of
GET means that you can easily construct html that will
call the form with specific variables.
<a href="http://aplawrence.com/cgi-bin/formpost.pl?var1=hello+there&button=Send">Click here</a>
You do have to encode
the strings, but that's not hard and (for example) there are
Perl modules that can do that, and also in other languages.
If you want to code the whole thing, of course you could just
open up a connection to port 80 on the server, and manually issue
your GET using the same string you'd use in the html. You could do the same thing for a POST, sending headers like the example above. Again,
most folks would enlist the aid of pre-written modules to
do that. For example, in Perl:
# GET method form
# POST method form
use HTTP::Request::Common qw(POST);
my $req= POST 'http://somesite/formpost.pl', [var1=> $var1,button=>$button];
Notice that in neither case did I do anything to escape the strings. They
wouldn't need any here (no spaces, etc.) but more importantly, the
modules take care of that for you so if you did escape the strings, your
escapes would be escaped again, which probably would get incorrect results
from the form.
Got something to add? Send me email.
Increase ad revenue 50-250% with Ezoic
More Articles by Tony Lawrence
Find me on Google+
© 2012-07-17 Tony Lawrence