File Coverage

blib/lib/CGI/Simple.pm

Criterion	Covered	Total	%
statement	629	743	84.6
branch	376	506	74.3
condition	118	171	69.0
subroutine	114	126	90.4
pod	69	90	76.6
total	1306	1636	79.8

line	stmt	bran	cond	sub	pod	time	code
1							package CGI::Simple;
2
3							require 5.006001;
4
5							# this module is both strict (and warnings) compliant, but they are only used
6							# in testing as they add an unnecessary compile time overhead in production.
7	21			21		2360076	use strict;
	21					56
	21					1087
8							#use warnings;
9	21			21		226	use Carp;
	21					45
	21					4334
10
11	21			21		145	use vars qw(*in);
	21					51
	21					34547
12							our ($VERSION, $USE_CGI_PM_DEFAULTS, $DISABLE_UPLOADS, $POST_MAX,
13							$NO_UNDEF_PARAMS, $USE_PARAM_SEMICOLONS, $PARAM_UTF8, $HEADERS_ONCE,
14							$NPH, $DEBUG, $NO_NULL, $FATAL);
15
16							$VERSION = "1.282";
17
18							# you can hard code the global variable settings here if you want.
19							# warning - do not delete the unless defined $VAR part unless you
20							# want to permanently remove the ability to change the variable.
21							sub _initialize_globals {
22
23							# set this to 1 to use CGI.pm default global settings
24	107	100		107		678	$USE_CGI_PM_DEFAULTS = 0
25							unless defined $USE_CGI_PM_DEFAULTS;
26
27							# see if user wants old CGI.pm defaults
28	107	100				342	if ( $USE_CGI_PM_DEFAULTS ) {
29	43					220	_use_cgi_pm_global_settings();
30	43					125	return;
31							}
32
33							# no file uploads by default, set to 0 to enable uploads
34	64	100				253	$DISABLE_UPLOADS = 1
35							unless defined $DISABLE_UPLOADS;
36
37							# use a post max of 100K, set to -1 for no limits
38	64	100				178	$POST_MAX = 102_400
39							unless defined $POST_MAX;
40
41							# set to 1 to not include undefined params parsed from query string
42	64	100				300	$NO_UNDEF_PARAMS = 0
43							unless defined $NO_UNDEF_PARAMS;
44
45							# separate the name=value pairs with ; rather than &
46	64	100				277	$USE_PARAM_SEMICOLONS = 0
47							unless defined $USE_PARAM_SEMICOLONS;
48
49							# return everything as utf-8
50	64		50			619	$PARAM_UTF8 \|\|= 0;
51	64	50				186	$PARAM_UTF8 and require Encode;
52
53							# only print headers once
54	64	100				229	$HEADERS_ONCE = 0
55							unless defined $HEADERS_ONCE;
56
57							# Set this to 1 to enable NPH scripts
58	64	100				297	$NPH = 0
59							unless defined $NPH;
60
61							# 0 => no debug, 1 => from @ARGV, 2 => from STDIN
62	64	100				191	$DEBUG = 0
63							unless defined $DEBUG;
64
65							# filter out null bytes in param - value pairs
66	64	100				173	$NO_NULL = 1
67							unless defined $NO_NULL;
68
69							# set behavior when cgi_err() called -1 => silent, 0 => carp, 1 => croak
70	64	100				216	$FATAL = -1
71							unless defined $FATAL;
72							}
73
74							# I happen to disagree with many of the default global settings in CGI.pm
75							# This sub is called if you set $CGI::Simple::USE_CGI_PM_GLOBALS = 1; or
76							# invoke the '-default' pragma via a use CGI::Simple qw(-default);
77							sub _use_cgi_pm_global_settings {
78	66			66		9384	$USE_CGI_PM_DEFAULTS = 1;
79	66	100				312	$DISABLE_UPLOADS = 0 unless defined $DISABLE_UPLOADS;
80	66	100				313	$POST_MAX = -1 unless defined $POST_MAX;
81	66	100				170	$NO_UNDEF_PARAMS = 0 unless defined $NO_UNDEF_PARAMS;
82	66	100				418	$USE_PARAM_SEMICOLONS = 1 unless defined $USE_PARAM_SEMICOLONS;
83	66	100				532	$HEADERS_ONCE = 0 unless defined $HEADERS_ONCE;
84	66	100				254	$NPH = 0 unless defined $NPH;
85	66	100				146	$DEBUG = 1 unless defined $DEBUG;
86	66	100				120	$NO_NULL = 0 unless defined $NO_NULL;
87	66	100				121	$FATAL = -1 unless defined $FATAL;
88	66	100				139	$PARAM_UTF8 = 0 unless defined $PARAM_UTF8;
89							}
90
91							# this is called by new, we will never directly reference the globals again
92							sub _store_globals {
93	113			113		16053	my $self = shift;
94
95	113					1107	$self->{'.globals'}->{'DISABLE_UPLOADS'} = $DISABLE_UPLOADS;
96	113					454	$self->{'.globals'}->{'POST_MAX'} = $POST_MAX;
97	113					278	$self->{'.globals'}->{'NO_UNDEF_PARAMS'} = $NO_UNDEF_PARAMS;
98	113					290	$self->{'.globals'}->{'USE_PARAM_SEMICOLONS'} = $USE_PARAM_SEMICOLONS;
99	113					412	$self->{'.globals'}->{'HEADERS_ONCE'} = $HEADERS_ONCE;
100	113					430	$self->{'.globals'}->{'NPH'} = $NPH;
101	113					515	$self->{'.globals'}->{'DEBUG'} = $DEBUG;
102	113					400	$self->{'.globals'}->{'NO_NULL'} = $NO_NULL;
103	113					249	$self->{'.globals'}->{'FATAL'} = $FATAL;
104	113					298	$self->{'.globals'}->{'USE_CGI_PM_DEFAULTS'} = $USE_CGI_PM_DEFAULTS;
105	113					556	$self->{'.globals'}->{'PARAM_UTF8'} = $PARAM_UTF8;
106							}
107
108							# use the automatic calling of the import sub to set our pragmas. CGI.pm compat
109							sub import {
110	27			27		24422	my ( $self, @args ) = @_;
111
112							# arguments supplied in the 'use CGI::Simple [ARGS];' will now be in @args
113	27					153885	foreach ( @args ) {
114	31	100				20309	$USE_CGI_PM_DEFAULTS = 1, next if m/^-default/i;
115	20	100				65	$DISABLE_UPLOADS = 1, next if m/^-no.?upload/i;
116	18	100				52	$DISABLE_UPLOADS = 0, next if m/^-upload/i;
117	16	100				42	$HEADERS_ONCE = 1, next if m/^-unique.?header/i;
118	14	100				105	$NPH = 1, next if m/^-nph/i;
119	11	100				36	$DEBUG = 0, next if m/^-no.?debug/i;
120	9	50				46	$DEBUG = defined $1 ? $1 : 2, next if m/^-debug(\d)?/i;
		100
121	7	100				27	$USE_PARAM_SEMICOLONS = 1, next if m/^-newstyle.?url/i;
122	5	100				23	$USE_PARAM_SEMICOLONS = 0, next if m/^-oldstyle.?url/i;
123	3	50				22	$NO_UNDEF_PARAMS = 1, next if m/^-no.?undef.?param/i;
124	0	0				0	$FATAL = 0, next if m/^-carp/i;
125	0	0				0	$FATAL = 1, next if m/^-croak/i;
126	0					0	croak "Pragma '$_' is not defined in CGI::Simple\n";
127							}
128							}
129
130							# used in CGI.pm .t files
131							sub _reset_globals {
132	21			21		2693	_use_cgi_pm_global_settings();
133							}
134
135							binmode STDIN;
136							binmode STDOUT;
137
138							# use correct encoding conversion to handle non ASCII char sets.
139							# we import and install the complex routines only if we have to.
140							BEGIN {
141
142							sub url_decode {
143	622			622	1	2035	my ( $self, $decode ) = @_;
144	622	100				1250	return () unless defined $decode;
145	620					1214	$decode =~ tr/+/ /;
146	620					1474	$decode =~ s/%([a-fA-F0-9]{2})/ pack "C", hex $1 /eg;
	814					2477
147	620					1730	return $decode;
148							}
149
150							sub url_encode {
151	568			568	1	3718	my ( $self, $encode ) = @_;
152	568	100				848	return () unless defined $encode;
153	566					855	$encode
154	632					1833	=~ s/([^A-Za-z0-9\-_.!~*'() ])/ uc sprintf "%%%02x",ord $1 /eg;
155	566					684	$encode =~ tr/ /+/;
156	566					1213	return $encode;
157							}
158
159	21			21		147267	if ( "\t" ne "\011" ) {
160							eval { require CGI::Simple::Util };
161							if ( $@ ) {
162							croak
163							"Your server is using not using ASCII, you must install CGI::Simple::Util, error: $@";
164							}
165
166							# hack the symbol table and replace simple encode/decode subs
167							*CGI::Simple::url_encode
168							= sub { CGI::Simple::Util::escape( $_[1] ) };
169							*CGI::Simple::url_decode
170							= sub { CGI::Simple::Util::unescape( $_[1] ) };
171							}
172							}
173
174							################ The Guts ################
175
176							sub new {
177	105			105	1	3029078	my ( $class, $init ) = @_;
178	105		33			1437	$class = ref( $class ) \|\| $class;
179	105					540	my $self = {};
180	105					428	bless $self, $class;
181	105	50				513	if ( $self->_mod_perl ) {
182	0	0				0	if ( $init ) {
183	0					0	$self->{'.mod_perl_request'} = $init;
184	0					0	undef $init; # otherwise _initialize takes the wrong path
185							}
186	0					0	$self->_initialize_mod_perl();
187							}
188	105					779	$self->_initialize_globals;
189	105					473	$self->_store_globals;
190	105					859	$self->_initialize( $init );
191	105					2056	return $self;
192							}
193
194							sub _mod_perl {
195							return (
196							exists $ENV{MOD_PERL}
197							or ( $ENV{GATEWAY_INTERFACE}
198	105		33	105		2102	and $ENV{GATEWAY_INTERFACE} =~ m{^CGI-Perl/} )
199							);
200							}
201
202							# Return the global request object under mod_perl. If you use mod_perl 2
203							# and you don't set PerlOptions +GlobalRequest then the request must be
204							# passed in to the new() method.
205							sub _mod_perl_request {
206	0			0		0	my $self = shift;
207
208	0					0	my $mp = $self->{'.mod_perl'};
209
210	0	0				0	return unless $mp;
211
212	0					0	my $req = $self->{'.mod_perl_request'};
213	0	0				0	return $req if $req;
214
215	0					0	$self->{'.mod_perl_request'} = do {
216	0	0				0	if ( $mp == 2 ) {
217	0					0	Apache2::RequestUtil->request;
218							}
219							else {
220	0					0	Apache->request;
221							}
222							};
223							}
224
225							sub _initialize_mod_perl {
226	0			0		0	my ( $self ) = @_;
227
228	0					0	eval "require mod_perl";
229
230	0	0				0	if ( defined $mod_perl::VERSION ) {
231
232	0	0				0	if ( $mod_perl::VERSION >= 2.00 ) {
233	0					0	$self->{'.mod_perl'} = 2;
234
235	0					0	require Apache2::RequestRec;
236	0					0	require Apache2::RequestIO;
237	0					0	require Apache2::RequestUtil;
238	0					0	require Apache2::Response;
239	0					0	require APR::Pool;
240
241	0					0	my $r = $self->_mod_perl_request();
242
243	0	0				0	if ( defined $r ) {
244	0	0				0	$r->subprocess_env unless exists $ENV{REQUEST_METHOD};
245	0					0	$r->pool->cleanup_register(
246							\&CGI::Simple::_initialize_globals );
247							}
248							}
249							else {
250	0					0	$self->{'.mod_perl'} = 1;
251
252	0					0	require Apache;
253
254	0					0	my $r = $self->_mod_perl_request();
255
256	0	0				0	if ( defined $r ) {
257	0					0	$r->register_cleanup( \&CGI::Simple::_initialize_globals );
258							}
259							}
260							}
261							}
262
263							sub _initialize {
264	105			105		296	my ( $self, $init ) = @_;
265
266	105	100				581	if ( !defined $init ) {
		100
		100
		100
267
268							# initialize from QUERY_STRING, STDIN or @ARGV
269	73					607	$self->_read_parse();
270							}
271							elsif ( ( ref $init ) =~ m/HASH/i ) {
272
273							# initialize from param hash
274	8					14	for my $param ( keys %{$init} ) {
	8					258
275	14					44	$self->_add_param( $param, $init->{$param} );
276							}
277							}
278
279							# chromatic's blessed GLOB patch
280							# elsif ( (ref $init) =~ m/GLOB/i ) { # initialize from a file
281							elsif ( UNIVERSAL::isa( $init, 'GLOB' ) ) { # initialize from a file
282	2					15	$self->_read_parse( $init );
283							}
284							elsif ( ( ref $init ) eq 'CGI::Simple' ) {
285
286							# initialize from a CGI::Simple object
287	1					801	require Data::Dumper;
288
289							# avoid problems with strict when Data::Dumper returns $VAR1
290	1					10307	my $VAR1;
291	1					5	my $clone = eval( Data::Dumper::Dumper( $init ) );
292	1	50				9	if ( $@ ) {
293	0					0	$self->cgi_error( "Can't clone CGI::Simple object: $@" );
294							}
295							else {
296	1					6	$_[0] = $clone;
297							}
298							}
299							else {
300	21					63	$self->_parse_params( $init ); # initialize from a query string
301							}
302							}
303
304							sub _internal_read($*\$;$) {
305	16			16		133	my ( $self, $glob, $buffer, $len ) = @_;
306	16	100				257	$len = 4096 if !defined $len;
307	16	50				135	if ( $self->{'.mod_perl'} ) {
308	0					0	my $r = $self->_mod_perl_request();
309	0					0	$r->read( $$buffer, $len );
310							}
311							else {
312	16					10010797	read( $glob, $$buffer, $len );
313							}
314							}
315
316							sub _read_parse {
317	75			75		262	my $self = shift;
318	75		100			726	my $handle = shift \|\| \*STDIN;
319
320	75					359	my $data = '';
321	75		100			701	my $type = $ENV{'CONTENT_TYPE'} \|\| 'No CONTENT_TYPE received';
322	75		100			517	my $length = $ENV{'CONTENT_LENGTH'} \|\| 0;
323	75		100			352	my $method = $ENV{'REQUEST_METHOD'} \|\| 'No REQUEST_METHOD received';
324
325							# first check POST_MAX Steve Purkis pointed out the previous bug
326	75	50	100			1290	if ( ( $method eq 'POST' or $method eq "PUT" )
			100
			66
327							and $self->{'.globals'}->{'POST_MAX'} != -1
328							and $length > $self->{'.globals'}->{'POST_MAX'} ) {
329	0					0	$self->cgi_error(
330							"413 Request entity too large: $length bytes on STDIN exceeds \$POST_MAX!"
331							);
332
333							# silently discard data ??? better to just close the socket ???
334	0					0	while ( $length > 0 ) {
335	0	0				0	last unless _internal_read( $self, $handle, my $buffer );
336	0					0	$length -= length( $buffer );
337							}
338
339	0					0	return;
340							}
341
342	75	100	100			1458	if ( $length and $type =~ m\|^multipart/form-data\|i ) {
		100	100
		100	100
343	4					90	my $got_length = $self->_parse_multipart( $handle );
344	4	50				16	if ( $length != $got_length ) {
345	0					0	$self->cgi_error(
346							"500 Bad read on multipart/form-data! wanted $length, got $got_length"
347							);
348							}
349
350	4					16	return;
351							}
352							elsif ( $method eq 'POST' or $method eq 'PUT' ) {
353	12	50				151	if ( $length ) {
354
355							# we may not get all the data we want with a single read on large
356							# POSTs as it may not be here yet! Credit Jason Luther for patch
357							# CGI.pm < 2.99 suffers from same bug
358	12					196	_internal_read( $self, $handle, $data, $length );
359	12					100	while ( length( $data ) < $length ) {
360	0	0				0	last unless _internal_read( $self, $handle, my $buffer );
361	0					0	$data .= $buffer;
362							}
363
364	12	50				169	unless ( $length == length $data ) {
365	0					0	$self->cgi_error( "500 Bad read on POST! wanted $length, got "
366							. length( $data ) );
367	0					0	return;
368							}
369
370	12	100				279	if ( $type !~ m\|^application/x-www-form-urlencoded\| ) {
371	6					319	$self->_add_param( $method . "DATA", $data );
372							}
373							else {
374	6					181	$self->_parse_params( $data );
375							}
376							}
377							}
378							elsif ( $method eq 'GET' or $method eq 'HEAD' ) {
379							$data
380							= $self->{'.mod_perl'}
381							? $self->_mod_perl_request()->args()
382							: $ENV{'QUERY_STRING'}
383	54	50	100			256	\|\| $ENV{'REDIRECT_QUERY_STRING'}
384							\|\| '';
385	54					169	$self->_parse_params( $data );
386							}
387							else {
388	5	100	66			34	unless ( $self->{'.globals'}->{'DEBUG'}
389							and $data = $self->read_from_cmdline() ) {
390	3					26	$self->cgi_error( "400 Unknown method $method" );
391	3					9	return;
392							}
393
394	2	50				19	unless ( $data ) {
395
396							# I liked this reporting but CGI.pm does not behave like this so
397							# out it goes......
398							# $self->cgi_error("400 No data received via method: $method, type: $type");
399	0					0	return;
400							}
401
402	2					7	$self->_parse_params( $data );
403							}
404							}
405
406							sub _parse_params {
407	102			102		259	my ( $self, $data ) = @_;
408	102	50				300	return () unless defined $data;
409	102	100				770	unless ( $data =~ /[&=;]/ ) {
410	12					51	$self->{'keywords'} = [ $self->_parse_keywordlist( $data ) ];
411	12					57	return;
412							}
413	90					570	my @pairs = split /[&;]/, $data;
414	90					402	for my $pair ( @pairs ) {
415	300					1147	my ( $param, $value ) = split /=/, $pair, 2;
416	300	50				672	next unless defined $param;
417	300	100				592	$value = '' unless defined $value;
418	300					798	$self->_add_param( $self->url_decode( $param ),
419							$self->url_decode( $value ) );
420							}
421							}
422
423							sub _add_param {
424	389			389		963	my ( $self, $param, $value, $overwrite ) = @_;
425	389	100	66			1795	return () unless defined $param and defined $value;
426	385	100				1099	$param =~ tr/\000//d if $self->{'.globals'}->{'NO_NULL'};
427	385	100				834	@{ $self->{$param} } = () if $overwrite;
	29					80
428	385	100				1032	@{ $self->{$param} } = () unless exists $self->{$param};
	200					777
429	385	100				1119	my @values = ref $value ? @{$value} : ( $value );
	51					127
430	385					803	for my $value ( @values ) {
431							next
432							if $value eq ''
433	441	100	100			982	and $self->{'.globals'}->{'NO_UNDEF_PARAMS'};
434							$value =~ tr/\000//d
435	437	50	66			1946	if $self->{'.globals'}->{'NO_NULL'} and $param ne 'PUTDATA' and $param ne 'POSTDATA';
			66
436							$value = Encode::decode( utf8 => $value )
437	437	0	33			1176	if $self->{'.globals'}->{PARAM_UTF8} and $param ne 'PUTDATA' and $param ne 'POSTDATA';
			33
438	437					688	push @{ $self->{$param} }, $value;
	437					1158
439	437	100				1325	unless ( $self->{'.fieldnames'}->{$param} ) {
440	207					314	push @{ $self->{'.parameters'} }, $param;
	207					644
441	207					624	$self->{'.fieldnames'}->{$param}++;
442							}
443							}
444	385					1310	return scalar @values; # for compatibility with CGI.pm request.t
445							}
446
447							sub _parse_keywordlist {
448	16			16		47	my ( $self, $data ) = @_;
449	16	50				51	return () unless defined $data;
450	16					53	$data = $self->url_decode( $data );
451	16	100				72	$data =~ tr/\000//d if $self->{'.globals'}->{'NO_NULL'};
452	16					56	my @keywords = split /\s+/, $data;
453	16					79	return @keywords;
454							}
455
456							sub _massage_boundary {
457	4			4		15	my ( $self, $boundary ) = @_;
458
459							# BUG: IE 3.01 on the Macintosh uses just the boundary,
460							# forgetting the --
461							$boundary = '--' . $boundary
462							unless exists $ENV{'HTTP_USER_AGENT'}
463	4	50	33			67	&& $ENV{'HTTP_USER_AGENT'} =~ m/MSIE\s+3\.0[12];\s*Mac/i;
464
465	4					19	return quotemeta $boundary;
466							}
467
468							sub _parse_multipart {
469	4			4		11	my $self = shift;
470	4	50				20	my $handle = shift or die "NEED A HANDLE!?";
471
472							my ( $boundary )
473	4					59	= $ENV{'CONTENT_TYPE'} =~ /boundary=\"?([^\";,]+)\"?/;
474
475	4	100				50	$boundary = $self->_massage_boundary( $boundary ) if $boundary;
476
477	4					11	my $got_data = 0;
478	4					29	my $data = '';
479	4		50			37	my $length = $ENV{'CONTENT_LENGTH'} \|\| 0;
480	4					60	my $CRLF = $self->crlf;
481
482							READ:
483
484	4					35	while ( $got_data < $length ) {
485	4	50				35	last READ unless _internal_read( $self, $handle, my $buffer );
486	4					17	$data .= $buffer;
487	4					12	$got_data += length $buffer;
488
489	4	100				28	unless ( $boundary ) {
490							# If we're going to guess the boundary we need a complete line.
491	1	50				157	next READ unless $data =~ /^(.*)$CRLF/o;
492	1					37	$boundary = $1;
493
494							# Still no boundary? Give up...
495	1	50				4	unless ( $boundary ) {
496	0					0	$self->cgi_error(
497							'400 No boundary supplied for multipart/form-data' );
498	0					0	return 0;
499							}
500	1					6	$boundary = $self->_massage_boundary( $boundary );
501							}
502
503							BOUNDARY:
504
505	4					291	while ( $data =~ m/^$boundary$CRLF/ ) {
506							## TAB and high ascii chars are definitivelly allowed in headers.
507							## Not accepting them in the following regex prevents the upload of
508							## files with filenames like "España.txt".
509							# next READ unless $data =~ m/^([\040-\176$CRLF]+?$CRLF$CRLF)/o;
510							next READ
511	8	50				273	unless $data =~ m/^([\x20-\x7E\x80-\xFF\x09$CRLF]+?$CRLF$CRLF)/o;
512	8					66	my $header = $1;
513	8					235	( my $unfold = $1 ) =~ s/$CRLF\s+/ /og;
514	8					61	my ( $param ) = $unfold =~ m/form-data;\s+name="?([^\";]*)"?/;
515	8					488	my ( $filename )
516							= $unfold =~ m/name="?\Q$param\E"?;\s+filename="?([^\"]*)"?/;
517
518	8	100				38	if ( defined $filename ) {
519	4					50	my ( $mime ) = $unfold =~ m/Content-Type:\s+([-\w\+\.\/]+)/io;
520	4					114	$data =~ s/^\Q$header\E//;
521	4					32	( $got_data, $data, my $fh, my $size )
522							= $self->_save_tmpfile( $handle, $boundary, $filename,
523							$got_data, $data );
524	4					19	$self->_add_param( $param, $filename );
525	4					26	$self->{'.upload_fields'}->{$param} = $filename;
526	4	100				34	$self->{'.filehandles'}->{$filename} = $fh if $fh;
527	4	50				47	$self->{'.tmpfiles'}->{$filename}
528							= { 'size' => $size, 'mime' => $mime }
529							if $size;
530	4					36	next BOUNDARY;
531							}
532							next READ
533	4	50				181	unless $data =~ s/^\Q$header\E(.*?)$CRLF(?=$boundary)//s;
534	4					23	$self->_add_param( $param, $1 );
535							}
536	4	100				192	unless ( $data =~ m/^$boundary/ ) {
537							## In a perfect world, $data should always begin with $boundary.
538							## But sometimes, IE5 prepends garbage boundaries into POST(ed) data.
539							## Then, $data does not start with $boundary and the previous block
540							## never gets executed. The following fix attempts to remove those
541							## extra boundaries from readed $data and restart boundary parsing.
542							## Note about performance: with well formed data, previous check is
543							## executed (generally) only once, when $data value is "$boundary--"
544							## at end of parsing.
545	1	50				44	goto BOUNDARY if ( $data =~ s/.*?$CRLF(?=$boundary$CRLF)//s );
546							}
547							}
548	4					28	return $got_data;
549							}
550
551							sub _save_tmpfile {
552	4			4		15	my ( $self, $handle, $boundary, $filename, $got_data, $data ) = @_;
553	4					6	my $fh;
554	4					10	my $CRLF = $self->crlf;
555	4		50			16	my $length = $ENV{'CONTENT_LENGTH'} \|\| 0;
556	4					9	my $file_size = 0;
557	4	100				17	if ( $self->{'.globals'}->{'DISABLE_UPLOADS'} ) {
		50
558	3					10	$self->cgi_error( "405 Not Allowed - File uploads are disabled" );
559							}
560							elsif ( $filename ) {
561	1					14	eval { require IO::File };
	1					1928
562	1	50				13956	$self->cgi_error( "500 IO::File is not available $@" ) if $@;
563	1					311	$fh = new_tmpfile IO::File;
564	1	50				16	$self->cgi_error( "500 IO::File can't create new temp_file" )
565							unless $fh;
566							}
567
568							# read in data until closing boundary found. buffer to catch split boundary
569							# we do this regardless of whether we save the file or not to read the file
570							# data from STDIN. if either uploads are disabled or no file has been sent
571							# $fh will be undef so only do file stuff if $fh is true using $fh && syntax
572	4	100				15	$fh && binmode $fh;
573	4					19	while ( $got_data < $length ) {
574
575	0					0	my $buffer = $data;
576	0	0				0	last unless _internal_read( $self, \*STDIN, $data );
577
578							# fixed hanging bug if browser terminates upload part way through
579							# thanks to Brandon Black
580	0	0				0	unless ( $data ) {
581	0					0	$self->cgi_error(
582							'400 Malformed multipart, no terminating boundary' );
583	0					0	undef $fh;
584	0					0	return $got_data;
585							}
586
587	0					0	$got_data += length $data;
588	0	0				0	if ( "$buffer$data" =~ m/$boundary/ ) {
589	0					0	$data = $buffer . $data;
590	0					0	last;
591							}
592
593							# we do not have partial boundary so print to file if valid $fh
594	0	0				0	$fh && print $fh $buffer;
595	0					0	$file_size += length $buffer;
596							}
597	4					124	$data =~ s/^(.*?)$CRLF(?=$boundary)//s;
598	4	100				35	$fh && print $fh $1; # print remainder of file if valid $fh
599	4					14	$file_size += length $1;
600	4					36	return $got_data, $data, $fh, $file_size;
601							}
602
603							# Define the CRLF sequence. You can't use a simple "\r\n" because of system
604							# specific 'features'. On EBCDIC systems "\t" ne "\011" as the don't use ASCII
605							sub crlf {
606	88			88	1	2715	my ( $self, $CRLF ) = @_;
607	88	50				252	$self->{'.crlf'} = $CRLF if $CRLF; # allow value to be set manually
608	88	100				301	unless ( $self->{'.crlf'} ) {
609							my $OS = $^O
610	17		33			216	\|\| do { require Config; $Config::Config{'osname'} };
611	17	50				197	$self->{'.crlf'}
612							= ( $OS =~ m/VMS/i ) ? "\n"
613							: ( "\t" ne "\011" ) ? "\r\n"
614							: "\015\012";
615							}
616	88					258	return $self->{'.crlf'};
617							}
618
619							################ The Core Methods ################
620
621							sub param {
622	535			535	1	26050	my ( $self, $param, @p ) = @_;
623	535	100				1126	unless ( defined $param ) { # return list of all params
624							my @params
625	141	100				410	= $self->{'.parameters'} ? @{ $self->{'.parameters'} } : ();
	129					359
626	141					687	return @params;
627							}
628	394	100				838	unless ( @p ) { # return values for $param
629	354	100				749	return () unless exists $self->{$param};
630	339	100				1250	return wantarray ? @{ $self->{$param} } : $self->{$param}->[0];
	263					1176
631							}
632	40	100	100			257	if ( $param =~ m/^-name$/i and @p == 1 ) {
633	15	100				61	return () unless exists $self->{ $p[0] };
634	11	100				68	return wantarray ? @{ $self->{ $p[0] } } : $self->{ $p[0] }->[0];
	2					13
635							}
636
637							# set values using -name=>'foo',-value=>'bar' syntax.
638							# also allows for $q->param( 'foo', 'some', 'new', 'values' ) syntax
639	25	100				105	( $param, undef, @p ) = @p
640							if $param =~ m/^-name$/i; # undef represents -value token
641	25	100				204	$self->_add_param( $param, ( ref $p[0] eq 'ARRAY' ? $p[0] : [@p] ),
642							'overwrite' );
643	25	100				116	return wantarray ? @{ $self->{$param} } : $self->{$param}->[0];
	6					30
644							}
645
646							# a new method that provides access to a new internal routine. Useage:
647							# $q->add_param( $param, $value, $overwrite )
648							# $param must be a plain scalar
649							# $value may be either a scalar or an array ref
650							# if $overwrite is a true value $param will be overwritten with new values.
651							sub add_param {
652	16			16	1	9014	_add_param( @_ );
653							}
654
655							sub param_fetch {
656	6			6	1	3461	my ( $self, $param, @p ) = @_;
657	6	100	100			47	$param
658							= ( defined $param and $param =~ m/^-name$/i ) ? $p[0] : $param;
659	6	100				25	return undef unless defined $param;
660	4	50				17	$self->_add_param( $param, [] ) unless exists $self->{$param};
661	4					19	return $self->{$param};
662							}
663
664							# Return a parameter in the QUERY_STRING, regardless of whether a POST or GET
665							sub url_param {
666	17			17	1	5945	my ( $self, $param ) = @_;
667	17	50				135	return () unless $ENV{'QUERY_STRING'};
668	17					168	$self->{'.url_param'} = {};
669	17					96	bless $self->{'.url_param'}, 'CGI::Simple';
670	17					107	$self->{'.url_param'}->_parse_params( $ENV{'QUERY_STRING'} );
671	17					123	return $self->{'.url_param'}->param( $param );
672							}
673
674							sub keywords {
675	19			19	1	1907	my ( $self, @values ) = @_;
676	19	100				82	$self->{'keywords'}
		100
677							= ref $values[0] eq 'ARRAY' ? $values[0] : [@values]
678							if @values;
679							my @result
680	19	50				55	= defined( $self->{'keywords'} ) ? @{ $self->{'keywords'} } : ();
	19					85
681	19					188	return @result;
682							}
683
684							sub Vars {
685	17			17	1	2852	my $self = shift;
686	17		100			139	$self->{'.sep'} = shift \|\| $self->{'.sep'} \|\| "\0";
687	17	100				47	if ( wantarray ) {
688	10					19	my %hash;
689	10					32	for my $param ( $self->param ) {
690	20					112	$hash{$param} = join $self->{'.sep'}, $self->param( $param );
691							}
692	10					69	return %hash;
693							}
694							else {
695	7					9	my %tied;
696	7					34	tie %tied, "CGI::Simple", $self;
697	7					23	return \%tied;
698							}
699							}
700
701	7	50		7		32	sub TIEHASH { $_[1] ? $_[1] : new $_[0] }
702
703							sub STORE {
704	6			6		3437	my ( $q, $p, $v ) = @_;
705	6	50				20	return unless defined $v;
706	6					97	$q->param( $p, split $q->{'.sep'}, $v );
707							}
708
709							sub FETCH {
710	7			7		144	my ( $q, $p ) = @_;
711	7	50				33	ref $q->{$p} eq "ARRAY" ? join $q->{'.sep'}, @{ $q->{$p} } : $q->{$p};
	7					40
712							}
713	0			0		0	sub FIRSTKEY { my $a = scalar keys %{ $_[0] }; each %{ $_[0] } }
	0					0
	0					0
	0					0
714	0			0		0	sub NEXTKEY { each %{ $_[0] } }
	0					0
715	0			0		0	sub EXISTS { exists $_[0]->{ $_[1] } }
716	0			0		0	sub DELETE { $_[0]->delete( $_[1] ) }
717	0			0		0	sub CLEAR { %{ $_[0] } = () }
	0					0
718
719							sub append {
720	24			24	1	6667	my ( $self, $param, @p ) = @_;
721	24	100				72	return () unless defined $param;
722
723							# set values using $q->append(-name=>'foo',-value=>'bar') syntax
724							# also allows for $q->append( 'foo', 'some', 'new', 'values' ) syntax
725	20	100				98	( $param, undef, @p ) = @p
726							if $param =~ m/^-name$/i; # undef represents -value token
727	20	100	66			135	$self->_add_param( $param,
728							( ( defined $p[0] and ref $p[0] ) ? $p[0] : [@p] ) );
729	20					63	return $self->param( $param );
730							}
731
732							sub delete {
733	15			15	1	1936	my ( $self, $param ) = @_;
734	15	100				60	return () unless defined $param;
735	11	50				41	$param
736							= $param =~ m/^-name$/i
737							? shift
738							: $param; # allow delete(-name=>'foo') syntax
739	11	50				35	return undef unless defined $self->{$param};
740	11					32	delete $self->{$param};
741	11					25	delete $self->{'.fieldnames'}->{$param};
742							$self->{'.parameters'}
743	11					23	= [ grep { $_ ne $param } @{ $self->{'.parameters'} } ];
	35					96
	11					99
744							}
745
746	8			8	0	30	sub Delete { CGI::Simple::delete( @_ ) } # for method style interface
747
748							sub delete_all {
749	6			6	1	987	my $self = shift;
750	6					11	undef %{$self};
	6					54
751	6					22	$self->_store_globals;
752							}
753
754	2			2	0	9	sub Delete_all { $_[0]->delete_all } # as used by CGI.pm
755
756							sub upload {
757	17			17	1	7590	my ( $self, $filename, $writefile ) = @_;
758	17	100				51	unless ( $filename ) {
759	8	50				19	$self->cgi_error( "No filename submitted for upload to $writefile" )
760							if $writefile;
761							return $self->{'.filehandles'}
762	8	100				36	? keys %{ $self->{'.filehandles'} }
	4					21
763							: ();
764							}
765	9	100				69	unless ( $ENV{'CONTENT_TYPE'} =~ m\|^multipart/form-data\|i ) {
766	1					6	$self->cgi_error(
767							'Oops! File uploads only work if you specify ENCTYPE="multipart/form-data" in your tag'
768							);
769	1					42	return undef;
770							}
771	8					23	my $fh = $self->{'.filehandles'}->{$filename};
772
773							# allow use of upload fieldname to get filehandle
774							# this has limitation that in the event of duplicate
775							# upload field names there can only be one filehandle
776							# which will point to the last upload file
777							# access by filename does not suffer from this issue.
778							$fh
779							= $self->{'.filehandles'}->{ $self->{'.upload_fields'}->{$filename} }
780	8	50	66			47	if !$fh and defined $self->{'.upload_fields'}->{$filename};
781
782	8	100				23	if ( $fh ) {
783	4					26	seek $fh, 0, 0; # get ready for reading
784	4	100				18	return $fh unless $writefile;
785	2					9	my $buffer;
786							my $out;
787	2	50				452	unless ( open $out, '>', $writefile ) {
788	0					0	$self->cgi_error( "500 Can't write to $writefile: $!\n" );
789	0					0	return undef;
790							}
791	2					12	binmode $out;
792	2					6	binmode $fh;
793	2					69	print $out $buffer while read( $fh, $buffer, 4096 );
794	2					123	close $out;
795	2					12	$self->{'.filehandles'}->{$filename} = undef;
796	2					7	undef $fh;
797	2					20	return 1;
798							}
799							else {
800	4					27	$self->cgi_error(
801							"No filehandle for '$filename'. Are uploads enabled (\$DISABLE_UPLOADS = 0)? Is \$POST_MAX big enough?"
802							);
803	4					16	return undef;
804							}
805							}
806
807							sub upload_fieldnames {
808	0			0	0	0	my ( $self ) = @_;
809							return wantarray
810	0					0	? ( keys %{ $self->{'.upload_fields'} } )
811	0	0				0	: [ keys %{ $self->{'.upload_fields'} } ];
	0					0
812							}
813
814							# return the file size of an uploaded file
815							sub upload_info {
816	3			3	1	53	my ( $self, $filename, $info ) = @_;
817	3	50				24	unless ( $ENV{'CONTENT_TYPE'} =~ m\|^multipart/form-data\|i ) {
818	0					0	$self->cgi_error(
819							'Oops! File uploads only work if you specify ENCTYPE="multipart/form-data" in your tag'
820							);
821	0					0	return undef;
822							}
823	3	50				21	return keys %{ $self->{'.tmpfiles'} } unless $filename;
	0					0
824	3	50				31	return $self->{'.tmpfiles'}->{$filename}->{'mime'}
825							if $info =~ /mime/i;
826	0					0	return $self->{'.tmpfiles'}->{$filename}->{'size'};
827							}
828
829	0			0	0	0	sub uploadInfo { &upload_info } # alias for CGI.pm compatibility
830
831							# return all params/values in object as a query string suitable for 'GET'
832							sub query_string {
833	70			70	0	126	my $self = shift;
834	70					116	my @pairs;
835	70					175	for my $param ( $self->param ) {
836	171					270	for my $value ( $self->param( $param ) ) {
837	265	50				491	next unless defined $value;
838	265					396	push @pairs,
839							$self->url_encode( $param ) . '=' . $self->url_encode( $value );
840							}
841							}
842	70	100				453	return join $self->{'.globals'}->{'USE_PARAM_SEMICOLONS'} ? ';' : '&',
843							@pairs;
844							}
845
846							# new method that will add QUERY_STRING data to our CGI::Simple object
847							# if the REQUEST_METHOD was 'POST'
848							sub parse_query_string {
849	2			2	1	6	my $self = shift;
850							$self->_parse_params( $ENV{'QUERY_STRING'} )
851							if defined $ENV{'QUERY_STRING'}
852	2	50	33			24	and $ENV{'REQUEST_METHOD'} eq 'POST';
853							}
854
855							################ Save and Restore params from file ###############
856
857							sub _init_from_file {
858	21			21		230	use Carp qw(confess);
	21					63
	21					55214
859	0			0		0	confess "INIT_FROM_FILE called, stupid fucker!";
860	0					0	my ( $self, $fh ) = @_;
861	0					0	local $/ = "\n";
862	0					0	while ( my $pair = <$fh> ) {
863	0					0	chomp $pair;
864	0	0				0	return if $pair eq '=';
865	0					0	$self->_parse_params( $pair );
866							}
867							}
868
869							sub save {
870	4			4	1	256	my ( $self, $fh ) = @_;
871	4					25	local ( $,, $\ ) = ( '', '' );
872	4	50	33			37	unless ( $fh and fileno $fh ) {
873	0					0	$self->cgi_error( 'Invalid filehandle' );
874	0					0	return undef;
875							}
876	4					17	for my $param ( $self->param ) {
877	8					24	for my $value ( $self->param( $param ) ) {
878							;
879	16					43	print $fh $self->url_encode( $param ), '=',
880							$self->url_encode( $value ), "\n";
881							}
882							}
883	4					29	print $fh "=\n";
884							}
885
886	3			3	0	996	sub save_parameters { save( @_ ) } # CGI.pm alias for save
887
888							################ Miscellaneous Methods ################
889
890							sub parse_keywordlist {
891	4			4	1	962	_parse_keywordlist( @_ );
892							} # CGI.pm compatibility
893
894							sub escapeHTML {
895	18			18	1	1462	my ( $self, $escape, $newlinestoo ) = @_;
896	18					123	require CGI::Simple::Util;
897	18					73	$escape = CGI::Simple::Util::escapeHTML( $escape );
898	18	100				65	$escape =~ s/([\012\015])/'&#'.(ord $1).';'/eg if $newlinestoo;
	8					50
899	18					224	return $escape;
900							}
901
902							sub unescapeHTML {
903	137			137	1	2529	require CGI::Simple::Util;
904	137					259	return CGI::Simple::Util::unescapeHTML( $_[1] );
905							}
906
907							sub put {
908	2			2	1	891	my $self = shift;
909	2					9	$self->print( @_ );
910							} # send output to browser
911
912							sub print {
913	3			3	1	8	shift;
914	3					22	CORE::print( @_ );
915							} # print to standard output (for overriding in mod_perl)
916
917							################# Cookie Methods ################
918
919							sub cookie {
920	28			28	1	8157	my ( $self, @params ) = @_;
921	28					176	require CGI::Simple::Cookie;
922	28					87	require CGI::Simple::Util;
923	28					146	my ( $name, $value, $path, $domain, $secure, $expires, $httponly, $samesite )
924							= CGI::Simple::Util::rearrange(
925							[
926							'NAME', [ 'VALUE', 'VALUES' ],
927							'PATH', 'DOMAIN',
928							'SECURE', 'EXPIRES',
929							'HTTPONLY', 'SAMESITE'
930							],
931							@params
932							);
933
934							# retrieve the value of the cookie, if no value is supplied
935	28	100				108	unless ( defined( $value ) ) {
936							$self->{'.cookies'} = CGI::Simple::Cookie->fetch
937	16	100				51	unless $self->{'.cookies'};
938	16	50				40	return () unless $self->{'.cookies'};
939
940							# if no name is supplied, then retrieve the names of all our cookies.
941	16	100				36	return keys %{ $self->{'.cookies'} } unless $name;
	4					27
942
943							# return the value of the cookie
944							return
945							exists $self->{'.cookies'}->{$name}
946	12	100				60	? $self->{'.cookies'}->{$name}->value
947							: ();
948							}
949
950							# If we get here, we're creating a new cookie
951	12	50				36	return undef unless $name; # this is an error
952	12					33	@params = ();
953	12					30	push @params, '-name' => $name;
954	12					25	push @params, '-value' => $value;
955	12	100				31	push @params, '-domain' => $domain if $domain;
956	12	100				37	push @params, '-path' => $path if $path;
957	12	100				29	push @params, '-expires' => $expires if $expires;
958	12	100				30	push @params, '-secure' => $secure if $secure;
959	12	100				30	push @params, '-httponly' => $httponly if $httponly;
960	12	50				29	push @params, '-samesite' => $samesite if $samesite;
961	12					55	return CGI::Simple::Cookie->new( @params );
962							}
963
964							sub raw_cookie {
965	12			12	1	3507	my ( $self, $key ) = @_;
966	12	100				66	if ( defined $key ) {
967	8	100				26	unless ( $self->{'.raw_cookies'} ) {
968	2					2713	require CGI::Simple::Cookie;
969	2					13	$self->{'.raw_cookies'} = CGI::Simple::Cookie->raw_fetch;
970							}
971	8		66			53	return $self->{'.raw_cookies'}->{$key} \|\| ();
972							}
973	4		50			39	return $ENV{'HTTP_COOKIE'} \|\| $ENV{'COOKIE'} \|\| '';
974							}
975
976							################# Header Methods ################
977
978							sub header {
979	52			52	1	6248	my ( $self, @params ) = @_;
980	52					313	require CGI::Simple::Util;
981	52					83	my @header;
982							return undef
983							if $self->{'.header_printed'}++
984	52	50	66			309	and $self->{'.globals'}->{'HEADERS_ONCE'};
985							my (
986	52					403	$type, $status, $cookie, $target, $expires,
987							$nph, $charset, $attachment, $p3p, @other
988							)
989							= CGI::Simple::Util::rearrange(
990							[
991							[ 'TYPE', 'CONTENT_TYPE', 'CONTENT-TYPE' ], 'STATUS',
992							[ 'COOKIE', 'COOKIES', 'SET-COOKIE' ], 'TARGET',
993							'EXPIRES', 'NPH',
994							'CHARSET', 'ATTACHMENT',
995							'P3P'
996							],
997							@params
998							);
999
1000	52					295	my $CRLF = $self->crlf;
1001	52					210	my $ALL_POSSIBLE_CRLF = qr/(?:\r\n\|\n\|\015\012)/;
1002
1003							# CR escaping for values, per RFC 822
1004	52					136	for my $header (
1005							$type, $status, $cookie, $target, $expires,
1006							$nph, $charset, $attachment, $p3p, @other
1007							) {
1008	478	100				918	if ( defined $header ) {
1009							# From RFC 822:
1010							# Unfolding is accomplished by regarding CRLF immediately
1011							# followed by a LWSP-char as equivalent to the LWSP-char
1012							# (defined in the RFC as a space or a horizontal tab).
1013	94					1037	$header =~ s/$ALL_POSSIBLE_CRLF([ \t])/$1/g;
1014
1015							# All other uses of newlines are invalid input.
1016	94	100				479	if ( $header =~ m/$ALL_POSSIBLE_CRLF/ ) {
1017							# shorten very long values in the diagnostic
1018	11	50				28	$header = substr( $header, 0, 72 ) . '...'
1019							if ( length $header > 72 );
1020	11					153	die
1021							"Invalid header value contains a newline not followed by whitespace: $header";
1022							}
1023							}
1024							}
1025
1026	41		66			225	$nph \|\|= $self->{'.globals'}->{'NPH'};
1027	41					197	$charset = $self->charset( $charset )
1028							; # get charset (and set new charset if supplied)
1029							# rearrange() was designed for the HTML portion, so we need to fix it up a little.
1030
1031	41					99	for ( @other ) {
1032
1033							# Don't use \s because of perl bug 21951
1034							next
1035	16	50				201	unless my ( $header, $value ) = /([^ \r\n\t=]+)=\"?(.+?)\"?$/s;
1036	16					95	( $_ = $header )
1037	16					123	=~ s/^(\w)(.*)/"\u$1\L$2" . ': '.$self->unescapeHTML($value)/e;
1038							}
1039	41	100	50			192	$type \|\|= 'text/html' unless defined $type;
1040	41	100	100			342	$type .= "; charset=$charset"
			66
1041							if $type
1042							and $type =~ m!^text/!
1043							and $type !~ /\bcharset\b/;
1044	41		100			153	my $protocol = $ENV{SERVER_PROTOCOL} \|\| 'HTTP/1.0';
1045	41	100	100			158	push @header, $protocol . ' ' . ( $status \|\| '200 OK' ) if $nph;
1046	41	100				111	push @header, "Server: " . server_software() if $nph;
1047	41	100				98	push @header, "Status: $status" if $status;
1048	41	50				193	push @header, "Window-Target: $target" if $target;
1049
1050	41	50				117	if ( $p3p ) {
1051	0	0				0	$p3p = join ' ', @$p3p if ref( $p3p ) eq 'ARRAY';
1052	0					0	push( @header, qq(P3P: policyref="/w3c/p3p.xml", CP="$p3p") );
1053							}
1054
1055							# push all the cookies -- there may be several
1056	41	100				92	if ( $cookie ) {
1057	3	100				19	my @cookie = ref $cookie eq 'ARRAY' ? @{$cookie} : $cookie;
	1					5
1058	3					9	for my $cookie ( @cookie ) {
1059	4	100				19	my $cs
1060							= ref $cookie eq 'CGI::Simple::Cookie'
1061							? $cookie->as_string
1062							: $cookie;
1063	4	50				27	push @header, "Set-Cookie: $cs" if $cs;
1064							}
1065							}
1066
1067							# if the user indicates an expiration time, then we need both an Expires
1068							# and a Date header (so that the browser is using OUR clock)
1069	41	100				117	$expires = 'now'
1070							if $self->no_cache; # encourage no caching via expires now
1071	41	100				123	push @header,
1072							"Expires: " . CGI::Simple::Util::expires( $expires, 'http' )
1073							if $expires;
1074	41	100	100			252	push @header, "Date: " . CGI::Simple::Util::expires( 0, 'http' )
			100
1075							if defined $expires \|\| $cookie \|\| $nph;
1076	41	100	66			123	push @header, "Pragma: no-cache" if $self->cache or $self->no_cache;
1077	41	100				116	push @header,
1078							"Content-Disposition: attachment; filename=\"$attachment\""
1079							if $attachment;
1080	41					89	push @header, @other;
1081	41	100				124	push @header, "Content-Type: $type" if $type;
1082	41					129	my $header = join $CRLF, @header;
1083	41					152	$header .= $CRLF . $CRLF; # add the statutory two CRLFs
1084
1085	41	50	33			130	if ( $self->{'.mod_perl'} and not $nph ) {
1086	0					0	my $r = $self->_mod_perl_request();
1087	0					0	$r->send_cgi_header( $header );
1088	0					0	return '';
1089							}
1090	41					363	return $header;
1091							}
1092
1093							# Control whether header() will produce the no-cache Pragma directive.
1094							sub cache {
1095	45			45	1	1549	my ( $self, $value ) = @_;
1096	45	100				135	$self->{'.cache'} = $value if defined $value;
1097	45					191	return $self->{'.cache'};
1098							}
1099
1100							# Control whether header() will produce expires now + the no-cache Pragma.
1101							sub no_cache {
1102	78			78	1	1559	my ( $self, $value ) = @_;
1103	78	100				177	$self->{'.no_cache'} = $value if defined $value;
1104	78					227	return $self->{'.no_cache'};
1105							}
1106
1107							sub redirect {
1108	13			13	1	2488	my ( $self, @params ) = @_;
1109	13					80	require CGI::Simple::Util;
1110	13					70	my ( $url, $target, $cookie, $nph, @other )
1111							= CGI::Simple::Util::rearrange(
1112							[
1113							[ 'LOCATION', 'URI', 'URL' ], 'TARGET',
1114							[ 'COOKIE', 'COOKIES' ], 'NPH'
1115							],
1116							@params
1117							);
1118	13		66			64	$url \|\|= $self->self_url;
1119	13					17	my @o;
1120	13					27	for ( @other ) { tr/\"//d; push @o, split "=", $_, 2; }
	6					12
	6					22
1121	13					38	unshift @o,
1122							'-Status' => '302 Found',
1123							'-Location' => $url,
1124							'-nph' => $nph;
1125	13	50				104	unshift @o, '-Target' => $target if $target;
1126	13	50				32	unshift @o, '-Cookie' => $cookie if $cookie;
1127	13					31	unshift @o, '-Type' => '';
1128	13					17	my @unescaped;
1129	13	50				24	unshift( @unescaped, '-Cookie' => $cookie ) if $cookie;
1130	13					30	return $self->header( ( map { $self->unescapeHTML( $_ ) } @o ),
	116					179
1131							@unescaped );
1132							}
1133
1134							################# Server Push Methods #################
1135							# Return a Content-Type: style header for server-push
1136							# This has to be NPH, and it is advisable to set $\| = 1
1137							# Credit to Ed Jordan and
1138							# Andrew Benham for this section
1139
1140							sub multipart_init {
1141	10			10	1	3262	my ( $self, @p ) = @_;
1142	21			21		14256	use CGI::Simple::Util qw(rearrange);
	21					71
	21					9692
1143	10					46	my ( $boundary, @other ) = rearrange( ['BOUNDARY'], @p );
1144	10	100				39	if ( !$boundary ) {
1145	6					11	$boundary = '------- =_';
1146	6					104	my @chrs = ( '0' .. '9', 'A' .. 'Z', 'a' .. 'z' );
1147	6					20	for ( 1 .. 17 ) {
1148	102					324	$boundary .= $chrs[ rand( scalar @chrs ) ];
1149							}
1150							}
1151
1152	10					34	my $CRLF = $self->crlf; # get CRLF sequence
1153	10					22	my $warning
1154							= "WARNING: YOUR BROWSER DOESN'T SUPPORT THIS SERVER-PUSH TECHNOLOGY.";
1155	10					28	$self->{'.separator'} = "$CRLF--$boundary$CRLF";
1156	10					30	$self->{'.final_separator'} = "$CRLF--$boundary--$CRLF$warning$CRLF";
1157	10					23	my $type = 'multipart/x-mixed-replace;boundary="' . $boundary . '"';
1158							return $self->header(
1159							-nph => 1,
1160							-type => $type,
1161	10					39	map { split "=", $_, 2 } @other
	0					0
1162							)
1163							. $warning
1164							. $self->multipart_end;
1165							}
1166
1167							sub multipart_start {
1168	6			6	1	2495	my ( $self, @p ) = @_;
1169	21			21		174	use CGI::Simple::Util qw(rearrange);
	21					133
	21					20049
1170	6					30	my ( $type, @other ) = rearrange( ['TYPE'], @p );
1171	6					19	foreach ( @other ) { # fix return from rearange
1172	0	0				0	next unless my ( $header, $value ) = /([^\s=]+)=\"?(.+?)\"?$/;
1173	0					0	$_ = ucfirst( lc $header ) . ': ' . unescapeHTML( 1, $value );
1174							}
1175	6		100			53	$type = $type \|\| 'text/html';
1176	6					20	my @header = ( "Content-Type: $type" );
1177	6					12	push @header, @other;
1178	6					20	my $CRLF = $self->crlf; # get CRLF sequence
1179	6					40	return ( join $CRLF, @header ) . $CRLF . $CRLF;
1180							}
1181
1182	12			12	1	955	sub multipart_end { return $_[0]->{'.separator'} }
1183
1184	2			2	1	846	sub multipart_final { return $_[0]->{'.final_separator'} }
1185
1186							################# Debugging Methods ################
1187
1188							sub read_from_cmdline {
1189	2			2	0	5	my @words;
1190	2	50	33			19	if ( $_[0]->{'.globals'}->{'DEBUG'} == 1 and @ARGV ) {
		0
1191	2					8	@words = @ARGV;
1192							}
1193							elsif ( $_[0]->{'.globals'}->{'DEBUG'} == 2 ) {
1194	0					0	require "shellwords.pl";
1195	0					0	print "(offline mode: enter name=value pairs on standard input)\n";
1196	0					0	chomp( my @lines = );
1197	0					0	@words = &shellwords( join " ", @lines );
1198							}
1199							else {
1200	0					0	return '';
1201							}
1202	2					8	@words = map { s/\\=/%3D/g; s/\\&/%26/g; $_ } @words;
	4					16
	4					12
	4					13
1203	2	50				23	return "@words" =~ m/=/ ? join '&', @words : join '+', @words;
1204							}
1205
1206							sub Dump {
1207	10			10	1	1758	require Data::Dumper; # short and sweet way of doing it
1208	10					10469	( my $dump = Data::Dumper::Dumper( @_ ) )
1209							=~ tr/\000/0/; # remove null bytes cgi-lib.pl
1210	10					2377	return ' ' . escapeHTML( 1, $dump ) . ' ';
1211							}
1212
1213	2			2	0	756	sub as_string { Dump( @_ ) } # CGI.pm alias for Dump()
1214
1215							sub cgi_error {
1216	18			18	1	1249	my ( $self, $err ) = @_;
1217	18	100				66	if ( $err ) {
1218	11					32	$self->{'.cgi_error'} = $err;
1219							$self->{'.globals'}->{'FATAL'} == 1 ? croak $err
1220	11	50				90	: $self->{'.globals'}->{'FATAL'} == 0 ? carp $err
		50
1221							: return $err;
1222							}
1223	7					133	return $self->{'.cgi_error'};
1224							}
1225
1226							################# cgi-lib.pl Compatibility Methods #################
1227							# Lightly GOLFED but the original functionality remains. You can call
1228							# them using either: # $q->MethodName or CGI::Simple::MethodName
1229
1230	17	100		17		87	sub _shift_if_ref { shift if ref $_[0] eq 'CGI::Simple' }
1231
1232							sub ReadParse {
1233	6		66	6	0	921	my $q = &_shift_if_ref \|\| CGI::Simple->new;
1234	6					18	my $pkg = caller();
1235	21			21		179	no strict 'refs';
	21					62
	21					57601
1236							*in
1237							= @_
1238							? $_[0]
1239	6	100				24	: {"${pkg}::in"}; # set in to passed glob or export *in
	2					12
1240	6					24	%in = $q->Vars;
1241	6					17	$in{'CGI'} = $q;
1242	6					23	return scalar %in;
1243							}
1244
1245							sub SplitParam {
1246	6			6	0	20	&_shift_if_ref;
1247	6	100				73	defined $_[0]
		50
1248							&& ( wantarray ? split "\0", $_[0] : ( split "\0", $_[0] )[0] );
1249							}
1250
1251	2			2	0	10	sub MethGet { request_method() eq 'GET' }
1252
1253	2			2	0	8	sub MethPost { request_method() eq 'POST' }
1254
1255							sub MyBaseUrl {
1256	10			10	0	34	local $^W = 0;
1257	10	100				28	'http://'
1258							. server_name()
1259							. ( server_port() != 80 ? ':' . server_port() : '' )
1260							. script_name();
1261							}
1262
1263	2			2	0	9	sub MyURL { MyBaseUrl() }
1264
1265							sub MyFullUrl {
1266	4			4	0	21	local $^W = 0;
1267							MyBaseUrl()
1268							. $ENV{'PATH_INFO'}
1269	4	100				13	. ( $ENV{'QUERY_STRING'} ? "?$ENV{'QUERY_STRING'}" : '' );
1270							}
1271
1272							sub PrintHeader {
1273	2	50		2	0	19	ref $_[0] ? $_[0]->header() : "Content-Type: text/html\n\n";
1274							}
1275
1276							sub HtmlTop {
1277	3			3	0	14	&_shift_if_ref;
1278	3					19	"\n\n$_[0]\n\n\n $_[0] \n";
1279							}
1280
1281	2			2	0	15	sub HtmlBot { "\n\n" }
1282
1283	2			2	0	10	sub PrintVariables { &_shift_if_ref; &Dump }
	2					8
1284
1285	2			2	1	8	sub PrintEnv { &Dump( \%ENV ) }
1286
1287	0			0	0	0	sub CgiDie { CgiError( @_ ); die @_ }
	0					0
1288
1289							sub CgiError {
1290	0			0	0	0	&_shift_if_ref;
1291							@_
1292	0	0				0	= @_
1293							? @_
1294							: ( "Error: script " . MyFullUrl() . " encountered fatal error\n" );
1295	0					0	print PrintHeader(), HtmlTop( shift ), ( map { " $_ \n" } @_ ),
	0					0
1296							HtmlBot();
1297							}
1298
1299							################ Accessor Methods ################
1300
1301	2			2	1	21	sub version { $VERSION }
1302
1303							sub nph {
1304	4	100		4	1	23	$_[0]->{'.globals'}->{'NPH'} = $_[1] if defined $_[1];
1305	4					53	return $_[0]->{'.globals'}->{'NPH'};
1306							}
1307
1308	4			4	1	21	sub all_parameters { $_[0]->param }
1309
1310							sub charset {
1311	47			47	1	3690	require CGI::Simple::Util;
1312	47					200	$CGI::Simple::Util::UTIL->charset( $_[1] );
1313							}
1314
1315							sub globals {
1316	16			16	1	2973	my ( $self, $global, $value ) = @_;
1317	16	100				56	return keys %{ $self->{'.globals'} } unless $global;
	6					44
1318	10	100				37	$self->{'.globals'}->{$global} = $value if defined $value;
1319	10					52	return $self->{'.globals'}->{$global};
1320							}
1321
1322	2			2	1	14	sub auth_type { $ENV{'AUTH_TYPE'} }
1323	2			2	1	895	sub content_length { $ENV{'CONTENT_LENGTH'} }
1324	2			2	1	882	sub content_type { $ENV{'CONTENT_TYPE'} }
1325	2			2	1	895	sub document_root { $ENV{'DOCUMENT_ROOT'} }
1326	2			2	1	861	sub gateway_interface { $ENV{'GATEWAY_INTERFACE'} }
1327	2			2	1	847	sub path_translated { $ENV{'PATH_TRANSLATED'} }
1328	2			2	1	885	sub referer { $ENV{'HTTP_REFERER'} }
1329	2	50		2	1	850	sub remote_addr { $ENV{'REMOTE_ADDR'} \|\| '127.0.0.1' }
1330
1331							sub remote_host {
1332	2	0	33	2	1	900	$ENV{'REMOTE_HOST'} \|\| $ENV{'REMOTE_ADDR'} \|\| 'localhost';
1333							}
1334
1335	2			2	1	867	sub remote_ident { $ENV{'REMOTE_IDENT'} }
1336	2			2	1	893	sub remote_user { $ENV{'REMOTE_USER'} }
1337	13			13	1	6913	sub request_method { $ENV{'REQUEST_METHOD'} }
1338	81	50	66	81	1	1202	sub script_name { $ENV{'SCRIPT_NAME'} \|\| $0 \|\| '' }
1339	38	100		38	1	1005	sub server_name { $ENV{'SERVER_NAME'} \|\| 'localhost' }
1340	76	100		76	1	1159	sub server_port { $ENV{'SERVER_PORT'} \|\| 80 }
1341	30	100		30	1	1016	sub server_protocol { $ENV{'SERVER_PROTOCOL'} \|\| 'HTTP/1.0' }
1342	16	50		16	1	961	sub server_software { $ENV{'SERVER_SOFTWARE'} \|\| 'cmdline' }
1343
1344							sub user_name {
1345	2	0	33	2	1	867	$ENV{'HTTP_FROM'} \|\| $ENV{'REMOTE_IDENT'} \|\| $ENV{'REMOTE_USER'};
1346							}
1347
1348							sub user_agent {
1349	6			6	1	2585	my ( $self, $match ) = @_;
1350							return $match
1351							? $ENV{'HTTP_USER_AGENT'} =~ /\Q$match\E/i
1352	6	100				126	: $ENV{'HTTP_USER_AGENT'};
1353							}
1354
1355							sub virtual_host {
1356	2		33	2	1	872	my $vh = $ENV{'HTTP_HOST'} \|\| $ENV{'SERVER_NAME'};
1357	2					8	$vh =~ s/:\d+$//; # get rid of port number
1358	2					11	return $vh;
1359							}
1360
1361							sub path_info {
1362	70			70	1	3566	my ( $self, $info ) = @_;
1363	70	100				244	if ( defined $info ) {
		100
1364	4	100				25	$info = "/$info" if $info !~ m\|^/\|;
1365	4					13	$self->{'.path_info'} = $info;
1366							}
1367							elsif ( !defined( $self->{'.path_info'} ) ) {
1368							$self->{'.path_info'}
1369	10	100				62	= defined( $ENV{'PATH_INFO'} ) ? $ENV{'PATH_INFO'} : '';
1370
1371							# hack to fix broken path info in IIS source CGI.pm
1372							$self->{'.path_info'} =~ s/^\Q$ENV{'SCRIPT_NAME'}\E//
1373							if defined( $ENV{'SERVER_SOFTWARE'} )
1374	10	50	66			90	&& $ENV{'SERVER_SOFTWARE'} =~ /IIS/;
1375							}
1376	70					153	return $self->{'.path_info'};
1377							}
1378
1379							sub accept {
1380	8			8	1	23	my ( $self, $search ) = @_;
1381	8					14	my %prefs;
1382	8					40	for my $accept ( split ',', $ENV{'HTTP_ACCEPT'} ) {
1383	40					157	( my $pref ) = $accept =~ m\|q=([\d\.]+)\|;
1384	40					174	( my $type ) = $accept =~ m\|(\S+/[^;]+)\|;
1385	40	50				92	next unless $type;
1386	40		100			151	$prefs{$type} = $pref \|\| 1;
1387							}
1388	8	100				54	return keys %prefs unless $search;
1389	4	100				29	return $prefs{$search} if $prefs{$search};
1390
1391							# Didn't get it, so try pattern matching.
1392	2					9	for my $pref ( keys %prefs ) {
1393	5	100				18	next unless $pref =~ m/\*/; # not a pattern match
1394	2					23	( my $pat = $pref ) =~ s/([^\w*])/\\$1/g; # escape meta characters
1395	2					10	$pat =~ s/\/./g; # turn it into a pattern
1396	2	50				54	return $prefs{$pref} if $search =~ /$pat/;
1397							}
1398							}
1399
1400	8			8	1	2653	sub Accept { my $self = shift; $self->accept( @_ ) }
	8					27
1401
1402							sub http {
1403	45			45	1	3948	my ( $self, $parameter ) = @_;
1404	45	100				117	if ( defined $parameter ) {
1405	41					149	( $parameter = uc $parameter ) =~ tr/-/_/;
1406	41	100				139	return $ENV{$parameter} if $parameter =~ m/^HTTP/;
1407	37	50				159	return $ENV{"HTTP_$parameter"} if $parameter;
1408							}
1409	4					62	return grep { /^HTTP/ } keys %ENV;
	224					428
1410							}
1411
1412							sub https {
1413	8			8	1	3020	my ( $self, $parameter ) = @_;
1414	8	100				40	return $ENV{'HTTPS'} unless $parameter;
1415	6					22	( $parameter = uc $parameter ) =~ tr/-/_/;
1416	6	100				35	return $ENV{$parameter} if $parameter =~ /^HTTPS/;
1417	4					21	return $ENV{"HTTPS_$parameter"};
1418							}
1419
1420							sub protocol {
1421	32			32	1	2716	local ( $^W ) = 0;
1422	32					53	my $self = shift;
1423	32	100				119	return 'https' if uc $ENV{'HTTPS'} eq 'ON';
1424	30	100				82	return 'https' if $self->server_port == 443;
1425	28					80	my ( $protocol, $version ) = split '/', $self->server_protocol;
1426	28					101	return lc $protocol;
1427							}
1428
1429							sub url {
1430	62			62	1	1015	my ( $self, @p ) = @_;
1431	21			21		200	use CGI::Simple::Util 'rearrange';
	21					40
	21					23517
1432	62					326	my ( $relative, $absolute, $full, $path_info, $query, $base )
1433							= rearrange(
1434							[
1435							'RELATIVE', 'ABSOLUTE', 'FULL',
1436							[ 'PATH', 'PATH_INFO' ],
1437							[ 'QUERY', 'QUERY_STRING' ], 'BASE'
1438							],
1439							@p
1440							);
1441	62					146	my $url;
1442	62	100	100			353	$full++ if $base \|\| !( $relative \|\| $absolute );
			66
1443	62					143	my $path = $self->path_info;
1444	62					188	my $script_name = $self->script_name;
1445	62	100				146	if ( $full ) {
		100
		50
1446	26					65	my $protocol = $self->protocol();
1447	26					49	$url = "$protocol://";
1448	26					57	my $vh = $self->http( 'host' );
1449	26	50				71	if ( $vh ) {
1450	0					0	$url .= $vh;
1451							}
1452							else {
1453	26					50	$url .= server_name();
1454	26					52	my $port = $self->server_port;
1455	26	50	66			240	$url .= ":" . $port
			33
			66
1456							unless ( lc( $protocol ) eq 'http' && $port == 80 )
1457							or ( lc( $protocol ) eq 'https' && $port == 443 );
1458							}
1459	26	50				58	return $url if $base;
1460	26					62	$url .= $script_name;
1461							}
1462							elsif ( $relative ) {
1463	27					182	( $url ) = $script_name =~ m#([^/]+)$#;
1464							}
1465							elsif ( $absolute ) {
1466	9					19	$url = $script_name;
1467							}
1468	62	100	66			186	$url .= $path if $path_info and defined $path;
1469	62	100	100			289	$url .= "?" . $self->query_string if $query and $self->query_string;
1470	62	50				109	$url = '' unless defined $url;
1471	62					156	$url
1472	0					0	=~ s/([^a-zA-Z0-9_.%;&?\/\\:+=~-])/uc sprintf("%%%02x",ord($1))/eg;
1473	62					297	return $url;
1474							}
1475
1476							sub self_url {
1477	17			17	1	40	my ( $self, @params ) = @_;
1478	17					60	return $self->url(
1479							'-path_info' => 1,
1480							'-query' => 1,
1481							'-full' => 1,
1482							@params
1483							);
1484							}
1485
1486	2			2	1	894	sub state { self_url( @_ ) } # CGI.pm synonym routine
1487
1488							1;
1489
1490							=head1 NAME
1491
1492							CGI::Simple - A Simple totally OO CGI interface that is CGI.pm compliant
1493
1494							=head1 VERSION
1495
1496							This document describes CGI::Simple version 1.282.
1497
1498							=head1 SYNOPSIS
1499
1500							use CGI::Simple;
1501							$CGI::Simple::POST_MAX = 1024; # max upload via post default 100kB
1502							$CGI::Simple::DISABLE_UPLOADS = 0; # enable uploads
1503
1504							$q = CGI::Simple->new;
1505							$q = CGI::Simple->new( { 'foo'=>'1', 'bar'=>[2,3,4] } );
1506							$q = CGI::Simple->new( 'foo=1&bar=2&bar=3&bar=4' );
1507							$q = CGI::Simple->new( \*FILEHANDLE );
1508
1509							$q->save( \*FILEHANDLE ); # save current object to a file as used by new
1510
1511							@params = $q->param; # return all param names as a list
1512							$value = $q->param('foo'); # return the first value supplied for 'foo'
1513							@values = $q->param('foo'); # return all values supplied for foo
1514
1515							%fields = $q->Vars; # returns untied key value pair hash
1516							$hash_ref = $q->Vars; # or as a hash ref
1517							%fields = $q->Vars("\|"); # packs multiple values with "\|" rather than "\0";
1518
1519							@keywords = $q->keywords; # return all keywords as a list
1520
1521							$q->param( 'foo', 'some', 'new', 'values' ); # set new 'foo' values
1522							$q->param( -name=>'foo', -value=>'bar' );
1523							$q->param( -name=>'foo', -value=>['bar','baz'] );
1524
1525							$q->param( 'foo', 'some', 'new', 'values' ); # append values to 'foo'
1526							$q->append( -name=>'foo', -value=>'bar' );
1527							$q->append( -name=>'foo', -value=>['some', 'new', 'values'] );
1528
1529							$q->delete('foo'); # delete param 'foo' and all its values
1530							$q->delete_all; # delete everything
1531
1532
1533
1534							$files = $q->upload() # number of files uploaded
1535							@files = $q->upload(); # names of all uploaded files
1536							$filename = $q->param('upload_file') # filename of uploaded file
1537							$mime = $q->upload_info($filename,'mime'); # MIME type of uploaded file
1538							$size = $q->upload_info($filename,'size'); # size of uploaded file
1539
1540							my $fh = $q->upload($filename); # get filehandle to read from
1541							while ( read( $fh, $buffer, 1024 ) ) { ... }
1542
1543							# short and sweet upload
1544							$ok = $q->upload( $q->param('upload_file'), '/path/to/write/file.name' );
1545							print "Uploaded ".$q->param('upload_file')." and wrote it OK!" if $ok;
1546
1547							$decoded = $q->url_decode($encoded);
1548							$encoded = $q->url_encode($unencoded);
1549							$escaped = $q->escapeHTML('<>"&');
1550							$unescaped = $q->unescapeHTML('<>"&');
1551
1552							$qs = $q->query_string; # get all data in $q as a query string OK for GET
1553
1554							$q->no_cache(1); # set Pragma: no-cache + expires
1555							print $q->header(); # print a simple header
1556							# get a complex header
1557							$header = $q->header( -type => 'image/gif'
1558							-nph => 1,
1559							-status => '402 Payment required',
1560							-expires =>'+24h',
1561							-cookie => $cookie,
1562							-charset => 'utf-7',
1563							-attachment => 'foo.gif',
1564							-Cost => '$2.00'
1565							);
1566							# a p3p header (OK for redirect use as well)
1567							$header = $q->header( -p3p => 'policyref="http://somesite.com/P3P/PolicyReferences.xml' );
1568
1569							@cookies = $q->cookie(); # get names of all available cookies
1570							$value = $q->cookie('foo') # get first value of cookie 'foo'
1571							@value = $q->cookie('foo') # get all values of cookie 'foo'
1572							# get a cookie formatted for header() method
1573							$cookie = $q->cookie( -name => 'Password',
1574							-values => ['superuser','god','my dog woofie'],
1575							-expires => '+3d',
1576							-domain => '.nowhere.com',
1577							-path => '/cgi-bin/database',
1578							-secure => 1
1579							);
1580							print $q->header( -cookie=>$cookie ); # set cookie
1581
1582							print $q->redirect('http://go.away.now'); # print a redirect header
1583
1584							dienice( $q->cgi_error ) if $q->cgi_error;
1585
1586							=head1 DESCRIPTION
1587
1588							CGI::Simple provides a relatively lightweight drop in replacement for CGI.pm.
1589							It shares an identical OO interface to CGI.pm for parameter parsing, file
1590							upload, cookie handling and header generation. This module is entirely object
1591							oriented, however a complete functional interface is available by using the
1592							CGI::Simple::Standard module.
1593
1594							Essentially everything in CGI.pm that relates to the CGI (not HTML) side of
1595							things is available. There are even a few new methods and additions to old
1596							ones! If you are interested in what has gone on under the hood see the
1597							Compatibility with CGI.pm section at the end.
1598
1599							In practical testing this module loads and runs about twice as fast as CGI.pm
1600							depending on the precise task.
1601
1602							=head1 CALLING CGI::Simple ROUTINES USING THE OBJECT INTERFACE
1603
1604							Here is a very brief rundown on how you use the interface. Full details
1605							follow.
1606
1607							=head2 First you need to initialize an object
1608
1609							Before you can call a CGI::Simple method you must create a CGI::Simple object.
1610							You do that by using the module and then calling the new() constructor:
1611
1612							use CGI::Simple;
1613							my $q = CGI::Simple->new;
1614
1615							It is traditional to call your object $q for query or perhaps $cgi.
1616
1617							=head2 Next you call methods on that object
1618
1619							Once you have your object you can call methods on it using the -> arrow
1620							syntax For example to get the names of all the parameters passed to your
1621							script you would just write:
1622
1623							@names = $q->param();
1624
1625							Many methods are sensitive to the context in which you call them. In the
1626							example above the B method returns a list of all the parameter names
1627							when called without any arguments.
1628
1629							When you call B with a single argument it assumes you want
1630							to get the value(s) associated with that argument (parameter). If you ask
1631							for an array it gives you an array of all the values associated with it's
1632							argument:
1633
1634							@values = $q->param('foo'); # get all the values for 'foo'
1635
1636							whereas if you ask for a scalar like this:
1637
1638							$value = $q->param('foo'); # get only the first value for 'foo'
1639
1640							then it returns only the first value (if more than one value for
1641							'foo' exists).
1642
1643							In case you ased for a list it will return all the values preserving the
1644							order in which the values of the given key were passed in the request.
1645
1646							Most CGI::Simple routines accept several arguments, sometimes as many as
1647							10 optional ones! To simplify this interface, all routines use a named
1648							argument calling style that looks like this:
1649
1650							print $q->header( -type=>'image/gif', -expires=>'+3d' );
1651
1652							Each argument name is preceded by a dash. Neither case nor order
1653							matters in the argument list. -type, -Type, and -TYPE are all
1654							acceptable.
1655
1656							Several routines are commonly called with just one argument. In the
1657							case of these routines you can provide the single argument without an
1658							argument name. B happens to be one of these routines. In this
1659							case, the single argument is the document type.
1660
1661							print $q->header('text/html');
1662
1663							Sometimes methods expect a scalar, sometimes a reference to an
1664							array, and sometimes a reference to a hash. Often, you can pass any
1665							type of argument and the routine will do whatever is most appropriate.
1666							For example, the B method can be used to set a CGI parameter to a
1667							single or a multi-valued value. The two cases are shown below:
1668
1669							$q->param(-name=>'veggie',-value=>'tomato');
1670							$q->param(-name=>'veggie',-value=>['tomato','tomahto','potato','potahto']);
1671
1672							=head1 CALLING CGI::Simple ROUTINES USING THE FUNCTION INTERFACE
1673
1674							For convenience a functional interface is provided by the
1675							CGI::Simple::Standard module. This hides the OO details from you and allows
1676							you to simply call methods. You may either use AUTOLOADING of methods or
1677							import specific method sets into you namespace. Here are the first few
1678							examples again using the function interface.
1679
1680							use CGI::Simple::Standard qw(-autoload);
1681							@names = param();
1682							@values = param('foo');
1683							$value = param('foo');
1684							print header(-type=>'image/gif',-expires=>'+3d');
1685							print header('text/html');
1686
1687							Yes that's it. Not a $q-> in sight. You just use the module and select
1688							how/which methods to load. You then just call the methods you want exactly
1689							as before but without the $q-> notation.
1690
1691							When (if) you read the following docs and are using the functional interface
1692							just pretend the $q-> is not there.
1693
1694							=head2 Selecting which methods to load
1695
1696							When you use the functional interface Perl needs to be able to find the
1697							functions you call. The simplest way of doing this is to use autoloading as
1698							shown above. When you use CGI::Simple::Standard with the '-autoload' pragma
1699							it exports a single AUTOLOAD sub into you namespace. Every time you call a
1700							non existent function AUTOLOAD is called and will load the required
1701							function and install it in your namespace. Thus only the AUTOLOAD sub and
1702							those functions you specifically call will be imported.
1703
1704							Alternatively CGI::Simple::Standard provides a range of function sets you can
1705							import or you can just select exactly what you want. You do this using the
1706							familiar
1707
1708							use CGI::Simple::Standard qw( :func_set some_func);
1709
1710							notation. This will import the ':func_set' function set and the specific
1711							function 'some_func'.
1712
1713							=head2 To Autoload or not to Autoload, that is the question.
1714
1715							If you do not have a AUTOLOAD sub in you script it is generally best to use
1716							the '-autoload' option. Under autoload you can use any method you want but
1717							only import and compile those functions you actually use.
1718
1719							If you do not use autoload you must specify what functions to import. You can
1720							only use functions that you have imported. For comvenience functions are
1721							grouped into related sets. If you choose to import one or more ':func_set'
1722							you may have potential namespace collisions so check out the docs to see
1723							what gets imported. Using the ':all' tag is pretty slack but it is there
1724							if you want. Full details of the function sets are provided in the
1725							CGI::Simple::Standard docs
1726
1727							If you just want say the param and header methods just load these two.
1728
1729							use CGI::Simple::Standard qw(param header);
1730
1731							=head2 Setting globals using the functional interface
1732
1733							Where you see global variables being set using the syntax:
1734
1735							$CGI::Simple::DEBUG = 1;
1736
1737							You use exactly the same syntax when using CGI::Simple::Standard.
1738
1739							=cut
1740
1741							################ The Core Methods ################
1742
1743							=head1 THE CORE METHODS
1744
1745							=head2 new() Creating a new query object
1746
1747							The first step in using CGI::Simple is to create a new query object using
1748							the B constructor:
1749
1750							$q = CGI::Simple->new;
1751
1752							This will parse the input (from both POST and GET methods) and store
1753							it into an object called $q.
1754
1755							If you provide a file handle to the B method, it will read
1756							parameters from the file (or STDIN, or whatever).
1757
1758							Historically people were doing this way:
1759
1760							open FH, "test.in" or die $!;
1761							$q = CGI::Simple->new(\*FH);
1762
1763							but this is the recommended way:
1764
1765							open $fh, '<', "test.in" or die $!;
1766							$q = CGI::Simple->new($fh);
1767
1768							The file should be a series of newline delimited TAG=VALUE pairs.
1769							Conveniently, this type of file is created by the B method
1770							(see below). Multiple records can be saved and restored.
1771							IO::File objects work fine.
1772
1773							If you are using the function-oriented interface provided by
1774							CGI::Simple::Standard and want to initialize from a file handle,
1775							the way to do this is with B. This will (re)initialize
1776							the default CGI::Simple object from the indicated file handle.
1777
1778							restore_parameters($fh);
1779
1780							In fact for all intents and purposes B is identical
1781							to B Note that B does not exist in
1782							CGI::Simple itself so you can't use it.
1783
1784							You can also initialize the query object from an associative array
1785							reference:
1786
1787							$q = CGI::Simple->new( { 'dinosaur' => 'barney',
1788							'song' => 'I love you',
1789							'friends' => [qw/Jessica George Nancy/] }
1790							);
1791
1792							or from a properly formatted, URL-escaped query string:
1793
1794							$q = CGI::Simple->new( 'dinosaur=barney&color=purple' );
1795
1796							or from a previously existing CGI::Simple object (this generates an identical clone
1797							including all global variable settings, etc that are stored in the object):
1798
1799							$old_query = CGI::Simple->new;
1800							$new_query = CGI::Simple->new($old_query);
1801
1802							To create an empty query, initialize it from an empty string or hash:
1803
1804							$empty_query = CGI::Simple->new("");
1805
1806							-or-
1807
1808							$empty_query = CGI::Simple->new({});
1809
1810							=head2 keywords() Fetching a list of keywords from a query
1811
1812							@keywords = $q->keywords;
1813
1814							If the script was invoked as the result of an search, the
1815							parsed keywords can be obtained as an array using the B method.
1816
1817							=head2 param() Fetching the names of all parameters passed to your script
1818
1819							@names = $q->param;
1820
1821							If the script was invoked with a parameter list
1822							(e.g. "name1=value1&name2=value2&name3=value3"), the B method
1823							will return the parameter names as a list. If the script was invoked
1824							as an script and contains a string without ampersands
1825							(e.g. "value1+value2+value3") , there will be a single parameter named
1826							"keywords" containing the "+"-delimited keywords.
1827
1828							NOTE: The array of parameter names returned will
1829							be in the same order as they were submitted by the browser.
1830							Usually this order is the same as the order in which the
1831							parameters are defined in the form (however, this isn't part
1832							of the spec, and so isn't guaranteed).
1833
1834							=head2 param() Fetching the value or values of a simple named parameter
1835
1836							@values = $q->param('foo');
1837
1838							-or-
1839
1840							$value = $q->param('foo');
1841
1842							Pass the B method a single argument to fetch the value of the
1843							named parameter. If the parameter is multi-valued (e.g. from multiple
1844							selections in a scrolling list), you can ask to receive an array. Otherwise
1845							the method will return a single value.
1846
1847							If a value is not given in the query string, as in the queries
1848							"name1=&name2=" or "name1&name2", it will be returned by default
1849							as an empty string. If you set the global variable:
1850
1851							$CGI::Simple::NO_UNDEF_PARAMS = 1;
1852
1853							Then value-less parameters will be ignored, and will not exist in the
1854							query object. If you try to access them via param you will get an undef
1855							return value.
1856
1857							=head2 param() Setting the values of a named parameter
1858
1859							$q->param('foo','an','array','of','values');
1860
1861							This sets the value for the named parameter 'foo' to an array of
1862							values. This is one way to change the value of a field.
1863
1864							B also recognizes a named parameter style of calling described
1865							in more detail later:
1866
1867							$q->param(-name=>'foo',-values=>['an','array','of','values']);
1868
1869							-or-
1870
1871							$q->param(-name=>'foo',-value=>'the value');
1872
1873							=head2 param() Retrieving non-application/x-www-form-urlencoded data
1874
1875							If POSTed or PUTed data is not of type application/x-www-form-urlencoded or multipart/form-data,
1876							then the data will not be processed, but instead be returned as-is in a parameter named POSTDATA
1877							or PUTDATA. To retrieve it, use code like this:
1878
1879							my $data = $q->param( 'POSTDATA' );
1880
1881							-or-
1882
1883							my $data = $q->param( 'PUTDATA' );
1884
1885							(If you don't know what the preceding means, don't worry about it. It only affects people trying
1886							to use CGI::Simple for REST webservices)
1887
1888							=head2 add_param() Setting the values of a named parameter
1889
1890							You nay also use the new method B to add parameters. This is an
1891							alias to the _add_param() internal method that actually does all the work.
1892							You can call it like this:
1893
1894							$q->add_param('foo', 'new');
1895							$q->add_param('foo', [1,2,3,4,5]);
1896							$q->add_param( 'foo', 'bar', 'overwrite' );
1897
1898							The first argument is the parameter, the second the value or an array ref
1899							of values and the optional third argument sets overwrite mode. If the third
1900							argument is absent of false the values will be appended. If true the values
1901							will overwrite any existing ones
1902
1903							=head2 append() Appending values to a named parameter
1904
1905							$q->append(-name=>'foo',-values=>['yet','more','values']);
1906
1907							This adds a value or list of values to the named parameter. The
1908							values are appended to the end of the parameter if it already exists.
1909							Otherwise the parameter is created. Note that this method only
1910							recognizes the named argument calling syntax.
1911
1912							=head2 import_names() Importing all parameters into a namespace.
1913
1914							This method was silly, non OO and has been deleted. You can get all the params
1915							as a hash using B or via all the other accessors.
1916
1917							=head2 delete() Deleting a parameter completely
1918
1919							$q->delete('foo');
1920
1921							This completely clears a parameter. If you are using the function call
1922							interface, use B instead to avoid conflicts with Perl's
1923							built-in delete operator.
1924
1925							If you are using the function call interface, use B instead to
1926							avoid conflicts with Perl's built-in delete operator.
1927
1928							=head2 delete_all() Deleting all parameters
1929
1930							$q->delete_all();
1931
1932							This clears the CGI::Simple object completely. For CGI.pm compatibility
1933							B is provided however there is no reason to use this in the
1934							function call interface other than symmetry.
1935
1936							For CGI.pm compatibility B is provided as an alias for
1937							B however there is no reason to use this, even in the
1938							function call interface.
1939
1940							=head2 param_fetch() Direct access to the parameter list
1941
1942							This method is provided for CGI.pm compatibility only. It returns an
1943							array ref to the values associated with a named param. It is deprecated.
1944
1945							=head2 Vars() Fetching the entire parameter list as a hash
1946
1947							$params = $q->Vars; # as a tied hash ref
1948							print $params->{'address'};
1949							@foo = split "\0", $params->{'foo'};
1950
1951							%params = $q->Vars; # as a plain hash
1952							print $params{'address'};
1953							@foo = split "\0", $params{'foo'};
1954
1955							%params = $q->Vars(','); # specifying a different separator than "\0"
1956							@foo = split ',', $params{'foo'};
1957
1958							Many people want to fetch the entire parameter list as a hash in which
1959							the keys are the names of the CGI parameters, and the values are the
1960							parameters' values. The B method does this.
1961
1962							Called in a scalar context, it returns the parameter list as a tied
1963							hash reference. Because this hash ref is tied changing a key/value
1964							changes the underlying CGI::Simple object.
1965
1966							Called in a list context, it returns the parameter list as an ordinary hash.
1967							Changing this hash will not change the underlying CGI::Simple object
1968
1969							When using B, the thing you must watch out for are multi-valued CGI
1970							parameters. Because a hash cannot distinguish between scalar and
1971							list context, multi-valued parameters will be returned as a packed
1972							string, separated by the "\0" (null) character. You must split this
1973							packed string in order to get at the individual values. This is the
1974							convention introduced long ago by Steve Brenner in his cgi-lib.pl
1975							module for Perl version 4.
1976
1977							You can change the character used to do the multiple value packing by passing
1978							it to B as an argument as shown.
1979
1980							=head2 url_param() Access the QUERY_STRING regardless of 'GET' or 'POST'
1981
1982							The B method makes the QUERY_STRING data available regardless
1983							of whether the REQUEST_METHOD was 'GET' or 'POST'. You can do anything
1984							with B that you can do with B, however the data set
1985							is completely independent.
1986
1987							Technically what happens if you use this method is that the QUERY_STRING data
1988							is parsed into a new CGI::Simple object which is stored within the current
1989							object. B then just calls B on this new object.
1990
1991							=head2 parse_query_string() Add QUERY_STRING data to 'POST' requests
1992
1993							When the REQUEST_METHOD is 'POST' the default behavior is to ignore
1994							name/value pairs or keywords in the $ENV{'QUERY_STRING'}. You can override
1995							this by calling B which will add the QUERY_STRING data to
1996							the data already in our CGI::Simple object if the REQUEST_METHOD was 'POST'
1997
1998							$q = CGI::Simple->new;
1999							$q->parse_query_string; # add $ENV{'QUERY_STRING'} data to our $q object
2000
2001							If the REQUEST_METHOD was 'GET' then the QUERY_STRING will already be
2002							stored in our object so B will be ignored.
2003
2004							This is a new method in CGI::Simple that is not available in CGI.pm
2005
2006							=head2 save() Saving the state of an object to file
2007
2008							$q->save(\*FILEHANDLE)
2009
2010							This will write the current state of the form to the provided
2011							filehandle. You can read it back in by providing a filehandle
2012							to the B method.
2013
2014							The format of the saved file is:
2015
2016							NAME1=VALUE1
2017							NAME1=VALUE1'
2018							NAME2=VALUE2
2019							NAME3=VALUE3
2020							=
2021
2022							Both name and value are URL escaped. Multi-valued CGI parameters are
2023							represented as repeated names. A session record is delimited by a
2024							single = symbol. You can write out multiple records and read them
2025							back in with several calls to B.
2026
2027							open my $fh, '<', "test.in" or die $!;
2028							$q1 = CGI::Simple->new($fh); # get the first record
2029							$q2 = CGI::Simple->new($fh); # get the next record
2030
2031							Note: If you wish to use this method from the function-oriented (non-OO)
2032							interface, the exported name for this method is B.
2033							Also if you want to initialize from a file handle, the way to do this is
2034							with B. This will (re)initialize
2035							the default CGI::Simple object from the indicated file handle.
2036
2037							restore_parameters($fh);
2038
2039							=cut
2040
2041							################ Uploading Files ###################
2042
2043							=head1 FILE UPLOADS
2044
2045							File uploads are easy with CGI::Simple. You use the B method.
2046							Assuming you have the following in your HTML:
2047
2048
2049							METHOD="POST"
2050							ACTION="http://somewhere.com/cgi-bin/script.cgi"
2051							ENCTYPE="multipart/form-data">
2052
2053
2054
2055
2056							Note that the ENCTYPE is "multipart/form-data". You must specify this or the
2057							browser will default to "application/x-www-form-urlencoded" which will result
2058							in no files being uploaded although on the surface things will appear OK.
2059
2060							When the user submits this form any supplied files will be spooled onto disk
2061							and saved in temporary files. These files will be deleted when your script.cgi
2062							exits so if you want to keep them you will need to proceed as follows.
2063
2064							=head2 upload() The key file upload method
2065
2066							The B method is quite versatile. If you call B without
2067							any arguments it will return a list of uploaded files in list context and
2068							the number of uploaded files in scalar context.
2069
2070							$number_of_files = $q->upload;
2071							@list_of_files = $q->upload;
2072
2073							Having established that you have uploaded files available you can get the
2074							browser supplied filename using B like this:
2075
2076							$filename1 = $q->param('upload_file1');
2077
2078							You can then get a filehandle to read from by calling B and
2079							supplying this filename as an argument. Warning: do not modify the
2080							value you get from B in any way - you don't need to untaint it.
2081
2082							$fh = $q->upload( $filename1 );
2083
2084							Now to save the file you would just do something like:
2085
2086							$save_path = '/path/to/write/file.name';
2087							open my $out, '>', $save_path or die "Oops $!\n";
2088							binmode $out;
2089							print $out $buffer while read( $fh, $buffer, 4096 );
2090							close $out;
2091
2092							By utilizing a new feature of the upload method this process can be
2093							simplified to:
2094
2095							$ok = $q->upload( $q->param('upload_file1'), '/path/to/write/file.name' );
2096							if ($ok) {
2097							print "Uploaded and wrote file OK!";
2098							} else {
2099							print $q->cgi_error();
2100							}
2101
2102							As you can see upload will accept an optional second argument and will write
2103							the file to this file path. It will return 1 for success and undef if it
2104							fails. If it fails you can get the error from B
2105
2106							You can also use just the fieldname as an argument to upload ie:
2107
2108							$fh = $q->upload( 'upload_field_name' );
2109
2110							or
2111
2112							$ok = $q->upload( 'upload_field_name', '/path/to/write/file.name' );
2113
2114							BUT there is a catch. If you have multiple upload fields, all called
2115							'upload_field_name' then you will only get the last uploaded file from
2116							these fields.
2117
2118							=head2 upload_info() Get the details about uploaded files
2119
2120							The B method is a new method. Called without arguments it
2121							returns the number of uploaded files in scalar context and the names of
2122							those files in list context.
2123
2124							$number_of_upload_files = $q->upload_info();
2125							@filenames_of_all_uploads = $q->upload_info();
2126
2127							You can get the MIME type of an uploaded file like this:
2128
2129							$mime = $q->upload_info( $filename1, 'mime' );
2130
2131							If you want to know how big a file is before you copy it you can get that
2132							information from B which will return the file size in bytes.
2133
2134							$file_size = $q->upload_info( $filename1, 'size' );
2135
2136							The size attribute is optional as this is the default value returned.
2137
2138							Note: The old CGI.pm B method has been deleted.
2139
2140							=head2 $POST_MAX and $DISABLE_UPLOADS
2141
2142							CGI.pm has a default setting that allows infinite size file uploads by
2143							default. In contrast file uploads are disabled by default in CGI::Simple
2144							to discourage Denial of Service attacks. You must enable them before you
2145							expect file uploads to work.
2146
2147							When file uploads are disabled the file name and file size details will
2148							still be available from B and B respectively but
2149							the upload filehandle returned by B will be undefined - not
2150							surprising as the underlying temp file will not exist either.
2151
2152							You can enable uploads using the '-upload' pragma. You do this by specifying
2153							this in you use statement:
2154
2155							use CGI::Simple qw(-upload);
2156
2157							Alternatively you can enable uploads via the $DISABLE_UPLOADS global like this:
2158
2159							use CGI::Simple;
2160							$CGI::Simple::DISABLE_UPLOADS = 0;
2161							$q = CGI::Simple->new;
2162
2163							If you wish to set $DISABLE_UPLOADS you must do this after the
2164							use statement and before the new constructor call as shown above.
2165
2166							The maximum acceptable data via post is capped at 102_400kB rather than
2167							infinity which is the CGI.pm default. This should be ample for most tasks
2168							but you can set this to whatever you want using the $POST_MAX global.
2169
2170							use CGI::Simple;
2171							$CGI::Simple::DISABLE_UPLOADS = 0; # enable uploads
2172							$CGI::Simple::POST_MAX = 1_048_576; # allow 1MB uploads
2173							$q = CGI::Simple->new;
2174
2175							If you set to -1 infinite size uploads will be permitted, which is the CGI.pm
2176							default.
2177
2178							$CGI::Simple::POST_MAX = -1; # infinite size upload
2179
2180							Alternatively you can specify all the CGI.pm default values which allow file
2181							uploads of infinite size in one easy step by specifying the '-default' pragma
2182							in your use statement.
2183
2184							use CGI::Simple qw( -default ..... );
2185
2186							=head2 binmode() and Win32
2187
2188							If you are using CGI::Simple be sure to call B on any handle that
2189							you create to write the uploaded file to disk. Calling B will do
2190							no harm on other systems anyway.
2191
2192							=cut
2193
2194							################ Miscellaneous Methods ################
2195
2196							=head1 MISCELANEOUS METHODS
2197
2198							=head2 escapeHTML() Escaping HTML special characters
2199
2200							In HTML the < > " and & chars have special meaning and need to be
2201							escaped to < > " and & respectively.
2202
2203							$escaped = $q->escapeHTML( $string );
2204
2205							$escaped = $q->escapeHTML( $string, 'new_lines_too' );
2206
2207							If the optional second argument is supplied then newlines will be escaped to.
2208
2209							=head2 unescapeHTML() Unescape HTML special characters
2210
2211							This performs the reverse of B.
2212
2213							$unescaped = $q->unescapeHTML( $HTML_escaped_string );
2214
2215							=head2 url_decode() Decode a URL encoded string
2216
2217							This method will correctly decode a url encoded string.
2218
2219							$decoded = $q->url_decode( $encoded );
2220
2221							=head2 url_encode() URL encode a string
2222
2223							This method will correctly URL encode a string.
2224
2225							$encoded = $q->url_encode( $string );
2226
2227							=head2 parse_keywordlist() Parse a supplied keyword list
2228
2229							@keywords = $q->parse_keywordlist( $keyword_list );
2230
2231							This method returns a list of keywords, correctly URL escaped and split out
2232							of the supplied string
2233
2234							=head2 put() Send output to browser
2235
2236							CGI.pm alias for print. $q->put('Hello World!') will print the usual
2237
2238							=head2 print() Send output to browser
2239
2240							CGI.pm alias for print. $q->print('Hello World!') will print the usual
2241
2242							=cut
2243
2244							################# Cookie Methods ################
2245
2246							=head1 HTTP COOKIES
2247
2248							CGI.pm has several methods that support cookies.
2249
2250							A cookie is a name=value pair much like the named parameters in a CGI
2251							query string. CGI scripts create one or more cookies and send
2252							them to the browser in the HTTP header. The browser maintains a list
2253							of cookies that belong to a particular Web server, and returns them
2254							to the CGI script during subsequent interactions.
2255
2256							In addition to the required name=value pair, each cookie has several
2257							optional attributes:
2258
2259							=over 4
2260
2261							=item 1. an expiration time
2262
2263							This is a time/date string (in a special GMT format) that indicates
2264							when a cookie expires. The cookie will be saved and returned to your
2265							script until this expiration date is reached if the user exits
2266							the browser and restarts it. If an expiration date isn't specified, the cookie
2267							will remain active until the user quits the browser.
2268
2269							=item 2. a domain
2270
2271							This is a partial or complete domain name for which the cookie is
2272							valid. The browser will return the cookie to any host that matches
2273							the partial domain name. For example, if you specify a domain name
2274							of ".capricorn.com", then the browser will return the cookie to
2275							Web servers running on any of the machines "www.capricorn.com",
2276							"www2.capricorn.com", "feckless.capricorn.com", etc. Domain names
2277							must contain at least two periods to prevent attempts to match
2278							on top level domains like ".edu". If no domain is specified, then
2279							the browser will only return the cookie to servers on the host the
2280							cookie originated from.
2281
2282							=item 3. a path
2283
2284							If you provide a cookie path attribute, the browser will check it
2285							against your script's URL before returning the cookie. For example,
2286							if you specify the path "/cgi-bin", then the cookie will be returned
2287							to each of the scripts "/cgi-bin/tally.pl", "/cgi-bin/order.pl",
2288							and "/cgi-bin/customer_service/complain.pl", but not to the script
2289							"/cgi-private/site_admin.pl". By default, path is set to "/", which
2290							causes the cookie to be sent to any CGI script on your site.
2291
2292							=item 4. a "secure" flag
2293
2294							If the "secure" attribute is set, the cookie will only be sent to your
2295							script if the CGI request is occurring on a secure channel, such as SSL.
2296
2297							=back
2298
2299							=head2 cookie() A simple access method to cookies
2300
2301							The interface to HTTP cookies is the B method:
2302
2303							$cookie = $q->cookie( -name => 'sessionID',
2304							-value => 'xyzzy',
2305							-expires => '+1h',
2306							-path => '/cgi-bin/database',
2307							-domain => '.capricorn.org',
2308							-secure => 1
2309							);
2310							print $q->header(-cookie=>$cookie);
2311
2312							B creates a new cookie. Its parameters include:
2313
2314							=over 4
2315
2316							=item B<-name>
2317
2318							The name of the cookie (required). This can be any string at all.
2319							Although browsers limit their cookie names to non-whitespace
2320							alphanumeric characters, CGI.pm removes this restriction by escaping
2321							and unescaping cookies behind the scenes.
2322
2323							=item B<-value>
2324
2325							The value of the cookie. This can be any scalar value,
2326							array reference, or even associative array reference. For example,
2327							you can store an entire associative array into a cookie this way:
2328
2329							$cookie=$q->cookie( -name => 'family information',
2330							-value => \%childrens_ages );
2331
2332							=item B<-path>
2333
2334							The optional partial path for which this cookie will be valid, as described
2335							above.
2336
2337							=item B<-domain>
2338
2339							The optional partial domain for which this cookie will be valid, as described
2340							above.
2341
2342							=item B<-expires>
2343
2344							The optional expiration date for this cookie. The format is as described
2345							in the section on the B method:
2346
2347							"+1h" one hour from now
2348
2349							=item B<-secure>
2350
2351							If set to true, this cookie will only be used within a secure
2352							SSL session.
2353
2354							=back
2355
2356							The cookie created by B must be incorporated into the HTTP
2357							header within the string returned by the B method:
2358
2359							print $q->header(-cookie=>$my_cookie);
2360
2361							To create multiple cookies, give B an array reference:
2362
2363							$cookie1 = $q->cookie( -name => 'riddle_name',
2364							-value => "The Sphynx's Question"
2365							);
2366							$cookie2 = $q->cookie( -name => 'answers',
2367							-value => \%answers
2368							);
2369							print $q->header( -cookie => [ $cookie1, $cookie2 ] );
2370
2371							To retrieve a cookie, request it by name by calling B method
2372							without the B<-value> parameter:
2373
2374							use CGI::Simple;
2375							$q = CGI::Simple->new;
2376							$riddle = $q->cookie('riddle_name');
2377							%answers = $q->cookie('answers');
2378
2379							Cookies created with a single scalar value, such as the "riddle_name"
2380							cookie, will be returned in that form. Cookies with array and hash
2381							values can also be retrieved.
2382
2383							The cookie and CGI::Simple namespaces are separate. If you have a parameter
2384							named 'answers' and a cookie named 'answers', the values retrieved by
2385							B and B are independent of each other. However, it's
2386							simple to turn a CGI parameter into a cookie, and vice-versa:
2387
2388							# turn a CGI parameter into a cookie
2389							$c = $q->cookie( -name=>'answers', -value=>[$q->param('answers')] );
2390							# vice-versa
2391							$q->param( -name=>'answers', -value=>[$q->cookie('answers')] );
2392
2393							=head2 raw_cookie()
2394
2395							Returns the HTTP_COOKIE variable. Cookies have a special format, and
2396							this method call just returns the raw form (?cookie dough). See
2397							B for ways of setting and retrieving cooked cookies.
2398
2399							Called with no parameters, B returns the packed cookie
2400							structure. You can separate it into individual cookies by splitting
2401							on the character sequence "; ". Called with the name of a cookie,
2402							retrieves the B form of the cookie. You can use the
2403							regular B method to get the names, or use the raw_fetch()
2404							method from the CGI::Simmple::Cookie module.
2405
2406							=cut
2407
2408							################# Header Methods ################
2409
2410							=head1 CREATING HTTP HEADERS
2411
2412							Normally the first thing you will do in any CGI script is print out an
2413							HTTP header. This tells the browser what type of document to expect,
2414							and gives other optional information, such as the language, expiration
2415							date, and whether to cache the document. The header can also be
2416							manipulated for special purposes, such as server push and pay per view
2417							pages.
2418
2419							=head2 header() Create simple or complex HTTP headers
2420
2421							print $q->header;
2422
2423							-or-
2424
2425							print $q->header('image/gif');
2426
2427							-or-
2428
2429							print $q->header('text/html','204 No response');
2430
2431							-or-
2432
2433							print $q->header( -type => 'image/gif',
2434							-nph => 1,
2435							-status => '402 Payment required',
2436							-expires => '+3d',
2437							-cookie => $cookie,
2438							-charset => 'utf-7',
2439							-attachment => 'foo.gif',
2440							-Cost => '$2.00'
2441							);
2442
2443							B returns the Content-type: header. You can provide your own
2444							MIME type if you choose, otherwise it defaults to text/html. An
2445							optional second parameter specifies the status code and a human-readable
2446							message. For example, you can specify 204, "No response" to create a
2447							script that tells the browser to do nothing at all.
2448
2449							The last example shows the named argument style for passing arguments
2450							to the CGI methods using named parameters. Recognized parameters are
2451							B<-type>, B<-status>, B<-cookie>, B<-target>, B<-expires>, B<-nph>,
2452							B<-charset> and B<-attachment>. Any other named parameters will be
2453							stripped of their initial hyphens and turned into header fields, allowing
2454							you to specify any HTTP header you desire.
2455
2456							For example, you can produce non-standard HTTP header fields by providing
2457							them as named arguments:
2458
2459							print $q->header( -type => 'text/html',
2460							-nph => 1,
2461							-cost => 'Three smackers',
2462							-annoyance_level => 'high',
2463							-complaints_to => 'bit bucket'
2464							);
2465
2466							This will produce the following non-standard HTTP header:
2467
2468							HTTP/1.0 200 OK
2469							Cost: Three smackers
2470							Annoyance-level: high
2471							Complaints-to: bit bucket
2472							Content-type: text/html
2473
2474							Note that underscores are translated automatically into hyphens. This feature
2475							allows you to keep up with the rapidly changing HTTP "standards".
2476
2477							The B<-type> is a key element that tell the browser how to display your
2478							document. The default is 'text/html'. Common types are:
2479
2480							text/html
2481							text/plain
2482							image/gif
2483							image/jpg
2484							image/png
2485							application/octet-stream
2486
2487							The B<-status> code is the HTTP response code. The default is 200 OK. Common
2488							status codes are:
2489
2490							200 OK
2491							204 No Response
2492							301 Moved Permanently
2493							302 Found
2494							303 See Other
2495							307 Temporary Redirect
2496							400 Bad Request
2497							401 Unauthorized
2498							403 Forbidden
2499							404 Not Found
2500							405 Not Allowed
2501							408 Request Timed Out
2502							500 Internal Server Error
2503							503 Service Unavailable
2504							504 Gateway Timed Out
2505
2506							The B<-expires> parameter lets you indicate to a browser and proxy server
2507							how long to cache pages for. When you specify an absolute or relative
2508							expiration interval with this parameter, some browsers and proxy servers
2509							will cache the script's output until the indicated expiration date.
2510							The following forms are all valid for the -expires field:
2511
2512							+30s 30 seconds from now
2513							+10m ten minutes from now
2514							+1h one hour from now
2515							-1d yesterday (i.e. "ASAP!")
2516							now immediately
2517							+3M in three months
2518							+10y in ten years time
2519							Thursday, 25-Apr-1999 00:40:33 GMT at the indicated time & date
2520
2521							The B<-cookie> parameter generates a header that tells the browser to provide
2522							a "magic cookie" during all subsequent transactions with your script.
2523							Netscape cookies have a special format that includes interesting attributes
2524							such as expiration time. Use the B method to create and retrieve
2525							session cookies.
2526
2527							The B<-target> is for frames use
2528
2529							The B<-nph> parameter, if set to a true value, will issue the correct
2530							headers to work with a NPH (no-parse-header) script. This is important
2531							to use with certain servers that expect all their scripts to be NPH.
2532
2533							The B<-charset> parameter can be used to control the character set
2534							sent to the browser. If not provided, defaults to ISO-8859-1. As a
2535							side effect, this sets the charset() method as well.
2536
2537							The B<-attachment> parameter can be used to turn the page into an
2538							attachment. Instead of displaying the page, some browsers will prompt
2539							the user to save it to disk. The value of the argument is the
2540							suggested name for the saved file. In order for this to work, you may
2541							have to set the B<-type> to 'application/octet-stream'.
2542
2543							=head2 no_cache() Preventing browser caching of scripts
2544
2545							Most browsers will not cache the output from CGI scripts. Every time
2546							the browser reloads the page, the script is invoked anew. However some
2547							browsers do cache pages. You can discourage this behavior using the
2548							B function.
2549
2550							$q->no_cache(1); # turn caching off by sending appropriate headers
2551							$q->no_cache(1); # do not send cache related headers.
2552
2553							$q->no_cache(1);
2554							print header (-type=>'image/gif', -nph=>1);
2555
2556							This will produce a header like the following:
2557
2558							HTTP/1.0 200 OK
2559							Server: Apache - accept no substitutes
2560							Expires: Thu, 15 Nov 2001 03:37:50 GMT
2561							Date: Thu, 15 Nov 2001 03:37:50 GMT
2562							Pragma: no-cache
2563							Content-Type: image/gif
2564
2565							Both the Pragma: no-cache header field and an Expires header that corresponds
2566							to the current time (ie now) will be sent.
2567
2568							=head2 cache() Preventing browser caching of scripts
2569
2570							The somewhat ill named B method is a legacy from CGI.pm. It operates
2571							the same as the new B method. The difference is/was that when set
2572							it results only in the Pragma: no-cache line being printed.
2573							Expires time data is not sent.
2574
2575							=head2 redirect() Generating a redirection header
2576
2577							print $q->redirect('http://somewhere.else/in/movie/land');
2578
2579							Sometimes you don't want to produce a document yourself, but simply
2580							redirect the browser elsewhere, perhaps choosing a URL based on the
2581							time of day or the identity of the user.
2582
2583							The B function redirects the browser to a different URL. If
2584							you use redirection like this, you should B print out a header as
2585							well.
2586
2587							One hint I can offer is that relative links may not work correctly
2588							when you generate a redirection to another document on your site.
2589							This is due to a well-intentioned optimization that some servers use.
2590							The solution to this is to use the full URL (including the http: part)
2591							of the document you are redirecting to.
2592
2593							You can also use named arguments:
2594
2595							print $q->redirect( -uri=>'http://somewhere.else/in/movie/land',
2596							-nph=>1
2597							);
2598
2599							The B<-nph> parameter, if set to a true value, will issue the correct
2600							headers to work with a NPH (no-parse-header) script. This is important
2601							to use with certain servers, such as Microsoft ones, which
2602							expect all their scripts to be NPH.
2603
2604							=cut
2605
2606							=head1 PRAGMAS
2607
2608							There are a number of pragmas that you can specify in your use CGI::Simple
2609							statement. Pragmas, which are always preceded by a hyphen, change the way
2610							that CGI::Simple functions in various ways. You can generally achieve
2611							exactly the same results by setting the underlying $GLOBAL_VARIABLES.
2612
2613							For example the '-upload' pargma will enable file uploads:
2614
2615							use CGI::Simple qw(-upload);
2616
2617							In CGI::Simple::Standard Pragmas, function sets , and individual functions
2618							can all be imported in the same use() line. For example, the following
2619							use statement imports the standard set of functions and enables debugging
2620							mode (pragma -debug):
2621
2622							use CGI::Simple::Standard qw(:standard -debug);
2623
2624							The current list of pragmas is as follows:
2625
2626							=over 4
2627
2628							=item -no_undef_params
2629
2630							If a value is not given in the query string, as in the queries
2631							"name1=&name2=" or "name1&name2", by default it will be returned
2632							as an empty string.
2633
2634							If you specify the '-no_undef_params' pragma then CGI::Simple ignores
2635							parameters with no values and they will not appear in the query object.
2636
2637							=item -nph
2638
2639							This makes CGI.pm produce a header appropriate for an NPH (no
2640							parsed header) script. You may need to do other things as well
2641							to tell the server that the script is NPH. See the discussion
2642							of NPH scripts below.
2643
2644							=item -newstyle_urls
2645
2646							Separate the name=value pairs in CGI parameter query strings with
2647							semicolons rather than ampersands. For example:
2648
2649							?name=fred;age=24;favorite_color=3
2650
2651							Semicolon-delimited query strings are always accepted, but will not be
2652							emitted by self_url() and query_string() unless the -newstyle_urls
2653							pragma is specified.
2654
2655							=item -oldstyle_urls
2656
2657							Separate the name=value pairs in CGI parameter query strings with
2658							ampersands rather than semicolons. This is the default.
2659
2660							?name=fred&age=24&favorite_color=3
2661
2662							=item -autoload
2663
2664							This is only available for CGI::Simple::Standard and uses AUTOLOAD to
2665							load functions on demand. See the CGI::Simple::Standard docs for details.
2666
2667							=item -no_debug
2668
2669							This turns off the command-line processing features. This is the default.
2670
2671							=item -debug1 and debug2
2672
2673							This turns on debugging. At debug level 1 CGI::Simple will read arguments
2674							from the command-line. At debug level 2 CGI.pm will produce the prompt
2675							"(offline mode: enter name=value pairs on standard input)" and wait for
2676							input on STDIN. If no number is specified then a debug level of 2 is used.
2677
2678							See the section on debugging for more details.
2679
2680							=item -default
2681
2682							This sets the default global values for CGI.pm which will enable infinite
2683							size file uploads, and specify the '-newstyle_urls' and '-debug1' pragmas
2684
2685							=item -no_upload
2686
2687							Disable uploads - the default setting
2688
2689							=item - upload
2690
2691							Enable uploads - the CGI.pm default
2692
2693							=item -unique_header
2694
2695							Only allows headers to be generated once per script invocation
2696
2697							=item -carp
2698
2699							Carp when B called, default is to do nothing
2700
2701							=item -croak
2702
2703							Croak when B called, default is to do nothing
2704
2705							=back
2706
2707							=cut
2708
2709							############### NPH Scripts ################
2710
2711							=head1 USING NPH SCRIPTS
2712
2713							NPH, or "no-parsed-header", scripts bypass the server completely by
2714							sending the complete HTTP header directly to the browser. This has
2715							slight performance benefits, but is of most use for taking advantage
2716							of HTTP extensions that are not directly supported by your server,
2717							such as server push and PICS headers.
2718
2719							Servers use a variety of conventions for designating CGI scripts as
2720							NPH. Many Unix servers look at the beginning of the script's name for
2721							the prefix "nph-". The Macintosh WebSTAR server and Microsoft's
2722							Internet Information Server, in contrast, try to decide whether a
2723							program is an NPH script by examining the first line of script output.
2724
2725							CGI.pm supports NPH scripts with a special NPH mode. When in this
2726							mode, CGI.pm will output the necessary extra header information when
2727							the B and B methods are called. You can set NPH mode
2728							in any of the following ways:
2729
2730							=over 4
2731
2732							=item In the B statement
2733
2734							Simply add the "-nph" pragma to the use:
2735
2736							use CGI::Simple qw(-nph)
2737
2738							=item By calling the B method:
2739
2740							Call B with a non-zero parameter at any point after using CGI.pm in your program.
2741
2742							$q->nph(1)
2743
2744							=item By using B<-nph> parameters
2745
2746							in the B and B statements:
2747
2748							print $q->header(-nph=>1);
2749
2750							=back
2751
2752							The Microsoft Internet Information Server requires NPH mode.
2753							CGI::Simple will automatically detect when the script is
2754							running under IIS and put itself into this mode. You do not need to
2755							do this manually, although it won't hurt anything if you do. However,
2756							note that if you have applied Service Pack 6, much of the
2757							functionality of NPH scripts, including the ability to redirect while
2758							setting a cookie, b on IIS without a special patch
2759							from Microsoft. See
2760							http://support.microsoft.com/support/kb/articles/Q280/3/41.ASP:
2761							Non-Parsed Headers Stripped From CGI Applications That Have nph-
2762							Prefix in Name.
2763
2764							=cut
2765
2766							################# Server Push Methods #################
2767
2768							=head1 SERVER PUSH
2769
2770							CGI.pm provides four simple functions for producing multipart
2771							documents of the type needed to implement server push. These
2772							functions were graciously provided by Ed Jordan with
2773							additions from Andrew Benham
2774
2775							You are also advised to put the script into NPH mode and to set $\| to
2776							1 to avoid buffering problems.
2777
2778							Browser support for server push is variable.
2779
2780							Here is a simple script that demonstrates server push:
2781
2782							#!/usr/local/bin/perl
2783							use CGI::Simple::Standard qw/:push -nph/;
2784							$\| = 1;
2785							print multipart_init(-boundary=>'----here we go!');
2786							foreach (0 .. 4) {
2787							print multipart_start(-type=>'text/plain'),
2788							"The current time is ",scalar(localtime),"\n";
2789							if ($_ < 4) {
2790							print multipart_end;
2791							}
2792							else {
2793							print multipart_final;
2794							}
2795							sleep 1;
2796							}
2797
2798							This script initializes server push by calling B.
2799							It then enters a loop in which it begins a new multipart section by
2800							calling B, prints the current local time,
2801							and ends a multipart section with B. It then sleeps
2802							a second, and begins again. On the final iteration, it ends the
2803							multipart section with B rather than with
2804							B.
2805
2806							=head2 multipart_init() Initialize the multipart system
2807
2808							multipart_init(-boundary=>$boundary);
2809
2810							Initialize the multipart system. The -boundary argument specifies
2811							what MIME boundary string to use to separate parts of the document.
2812							If not provided, CGI.pm chooses a reasonable boundary for you.
2813
2814							=head2 multipart_start() Start a new part of the multipart document
2815
2816							multipart_start(-type=>$type)
2817
2818							Start a new part of the multipart document using the specified MIME
2819							type. If not specified, text/html is assumed.
2820
2821							=head2 multipart_end() End a multipart part
2822
2823							multipart_end()
2824
2825							End a part. You must remember to call B once for each
2826							B, except at the end of the last part of the multipart
2827							document when B should be called instead of
2828							B.
2829
2830							=head2 multipart_final()
2831
2832							multipart_final()
2833
2834							End all parts. You should call B rather than
2835							B at the end of the last part of the multipart document.
2836
2837							=head2 CGI::Push
2838
2839							Users interested in server push applications should also have a look
2840							at the B module.
2841
2842							=cut
2843
2844							################# Debugging Methods ################
2845
2846							=head1 DEBUGGING
2847
2848							If you are running the script from the command line or in the perl
2849							debugger, you can pass the script a list of keywords or
2850							parameter=value pairs on the command line or from standard input (you
2851							don't have to worry about tricking your script into reading from
2852							environment variables). Before you do this you will need to change the
2853							debug level from the default level of 0 (no debug) to either 1 if you
2854							want to debug from @ARGV (the command line) of 2 if you want to debug from
2855							STDIN. You can do this using the debug pragma like this:
2856
2857							use CGI::Simple qw(-debug2); # set debug to level 2 => from STDIN
2858
2859							or this:
2860
2861							$CGI::Simple::DEBUG = 1; # set debug to level 1 => from @ARGV
2862
2863							At debug level 1 you can pass keywords and name=value pairs like this:
2864
2865							your_script.pl keyword1 keyword2 keyword3
2866
2867							or this:
2868
2869							your_script.pl keyword1+keyword2+keyword3
2870
2871							or this:
2872
2873							your_script.pl name1=value1 name2=value2
2874
2875							or this:
2876
2877							your_script.pl name1=value1&name2=value2
2878
2879							At debug level 2 you can feed newline-delimited name=value
2880							pairs to the script on standard input. You will be presented
2881							with the following prompt:
2882
2883							(offline mode: enter name=value pairs on standard input)
2884
2885							You end the input with your system dependent end of file character.
2886							You should try ^Z ^X ^D and ^C if all else fails. The ^ means hold down
2887							the [Ctrl] button while you press the other key.
2888
2889							When debugging, you can use quotes and backslashes to escape
2890							characters in the familiar shell manner, letting you place
2891							spaces and other funny characters in your parameter=value
2892							pairs:
2893
2894							your_script.pl "name1='I am a long value'" "name2=two\ words"
2895
2896							=head2 Dump() Dumping the current object details
2897
2898							The B method produces a string consisting of all the
2899							query's object attributes formatted nicely as a nested list. This dump
2900							includes the name/value pairs and a number of other details. This is useful
2901							for debugging purposes:
2902
2903							print $q->Dump
2904
2905							The actual result of this is HTML escaped formatted text wrapped in tags
2906							so if you send it straight to the browser it produces something that looks
2907							like:
2908
2909							$VAR1 = bless( {
2910							'.parameters' => [
2911							'name',
2912							'color'
2913							],
2914							'.globals' => {
2915							'FATAL' => -1,
2916							'DEBUG' => 0,
2917							'NO_NULL' => 1,
2918							'POST_MAX' => 102400,
2919							'USE_CGI_PM_DEFAULTS' => 0,
2920							'HEADERS_ONCE' => 0,
2921							'NPH' => 0,
2922							'DISABLE_UPLOADS' => 1,
2923							'NO_UNDEF_PARAMS' => 0,
2924							'USE_PARAM_SEMICOLONS' => 0
2925							},
2926							'.fieldnames' => {
2927							'color' => '1',
2928							'name' => '1'
2929							},
2930							'.mod_perl' => '',
2931							'color' => [
2932							'red',
2933							'green',
2934							'blue'
2935							],
2936							'name' => [
2937							'JaPh,'
2938							]
2939							}, 'CGI::Simple' );
2940
2941							You may recognize this as valid Perl syntax (which it is) and/or the output
2942							from Data::Dumper (also true). This is the actual guts of how the information
2943							is stored in the query object. All the internal params start with a . char
2944
2945							Alternatively you can dump your object and the current environment using:
2946
2947							print $q->Dump(\%ENV);
2948
2949							=head2 PrintEnv() Dumping the environment
2950
2951							You can get a similar browser friendly dump of the current %ENV hash using:
2952
2953							print $q->PrintEnv;
2954
2955							This will produce something like (in the browser):
2956
2957							$VAR1 = {
2958							'QUERY_STRING' => 'name=JaPh%2C&color=red&color=green&color=blue',
2959							'CONTENT_TYPE' => 'application/x-www-form-urlencoded',
2960							'REGRESSION_TEST' => 'simple.t.pl',
2961							'VIM' => 'C:\\WINDOWS\\Desktop\\vim',
2962							'HTTP_REFERER' => 'xxx.sex.com',
2963							'HTTP_USER_AGENT' => 'LWP',
2964							'HTTP_ACCEPT' => 'text/html;q=1, image/gif;q=0.42, /;q=0.001',
2965							'REMOTE_HOST' => 'localhost',
2966							'HTTP_HOST' => 'the.restaurant.at.the.end.of.the.universe',
2967							'GATEWAY_INTERFACE' => 'bleeding edge',
2968							'REMOTE_IDENT' => 'None of your damn business',
2969							'SCRIPT_NAME' => '/cgi-bin/foo.cgi',
2970							'SERVER_NAME' => 'nowhere.com',
2971							'HTTP_COOKIE' => '',
2972							'CONTENT_LENGTH' => '42',
2973							'HTTPS_A' => 'A',
2974							'HTTP_FROM' => 'spammer@nowhere.com',
2975							'HTTPS_B' => 'B',
2976							'SERVER_PROTOCOL' => 'HTTP/1.0',
2977							'PATH_TRANSLATED' => '/usr/local/somewhere/else',
2978							'SERVER_SOFTWARE' => 'Apache - accept no substitutes',
2979							'PATH_INFO' => '/somewhere/else',
2980							'REMOTE_USER' => 'Just another Perl hacker,',
2981							'REMOTE_ADDR' => '127.0.0.1',
2982							'HTTPS' => 'ON',
2983							'DOCUMENT_ROOT' => '/vs/www/foo',
2984							'REQUEST_METHOD' => 'GET',
2985							'REDIRECT_QUERY_STRING' => '',
2986							'AUTH_TYPE' => 'PGP MD5 DES rot13',
2987							'COOKIE' => 'foo=a%20phrase; bar=yes%2C%20a%20phrase&;I%20say;',
2988							'SERVER_PORT' => '8080'
2989							};
2990
2991
2992							=head2 cgi_error() Retrieving CGI::Simple error messages
2993
2994							Errors can occur while processing user input, particularly when
2995							processing uploaded files. When these errors occur, CGI::Simple will stop
2996							processing and return an empty parameter list. You can test for
2997							the existence and nature of errors using the B function.
2998							The error messages are formatted as HTTP status codes. You can either
2999							incorporate the error text into an HTML page, or use it as the value
3000							of the HTTP status:
3001
3002							my $error = $q->cgi_error;
3003							if ($error) {
3004							print $q->header(-status=>$error);
3005							print " $error ;
3006							exit;
3007							}
3008
3009							=cut
3010
3011							############### Accessor Methods ################
3012
3013							=head1 ACCESSOR METHODS
3014
3015							=head2 version() Get the CGI::Simple version info
3016
3017							$version = $q->version();
3018
3019							The B method returns the value of $VERSION
3020
3021							=head2 nph() Enable/disable NPH (Non Parsed Header) mode
3022
3023							$q->nph(1); # enable NPH mode
3024							$q->nph(0); # disable NPH mode
3025
3026							The B method enables and disables NPH headers. See the NPH section.
3027
3028							=head2 all_parameters() Get the names/values of all parameters
3029
3030							@all_parameters = $q->all_parameters();
3031
3032							The B method is an alias for B
3033
3034							=head2 charset() Get/set the current character set.
3035
3036							$charset = $q->charset(); # get current charset
3037							$q->charset('utf-42'); # set the charset
3038
3039							The B method gets the current charset value if no argument is
3040							supplied or sets it if an argument is supplied.
3041
3042							=head2 crlf() Get the system specific line ending sequence
3043
3044							$crlf = $q->crlf();
3045
3046							The B method returns the system specific line ending sequence.
3047
3048							=head2 globals() Get/set the value of the remaining global variables
3049
3050							$globals = $q->globals('FATAL'); # get the current value of $FATAL
3051							$globals = $q->globals('FATAL', 1 ); # set croak mode on cgi_error()
3052
3053							The B method gets/sets the values of the global variables after the
3054							script has been invoked. For globals like $POST_MAX and $DISABLE_UPLOADS this
3055							makes no difference as they must be set prior to calling the new constructor
3056							but there might be reason the change the value of others.
3057
3058							=head2 auth_type() Get the current authorization/verification method
3059
3060							$auth_type = $q->auth_type();
3061
3062							The B method returns the value of $ENV{'AUTH_TYPE'} which should
3063							contain the authorization/verification method in use for this script, if any.
3064
3065							=head2 content_length() Get the content length submitted in a POST
3066
3067							$content_length = $q->content_length();
3068
3069							The B method returns the value of $ENV{'AUTH_TYPE'}
3070
3071							=head2 content_type() Get the content_type of data submitted in a POST
3072
3073							$content_type = $q->content_type();
3074
3075							The B method returns the content_type of data submitted in
3076							a POST, generally 'multipart/form-data' or
3077							'application/x-www-form-urlencoded' as supplied in $ENV{'CONTENT_TYPE'}
3078
3079							=head2 document_root() Get the document root
3080
3081							$document_root = $q->document_root();
3082
3083							The B method returns the value of $ENV{'DOCUMENT_ROOT'}
3084
3085							=head2 gateway_interface() Get the gateway interface
3086
3087							$gateway_interface = $q->gateway_interface();
3088
3089							The B method returns the value of
3090							$ENV{'GATEWAY_INTERFACE'}
3091
3092							=head2 path_translated() Get the value of path translated
3093
3094							$path_translated = $q->path_translated();
3095
3096							The B method returns the value of $ENV{'PATH_TRANSLATED'}
3097
3098							=head2 referer() Spy on your users
3099
3100							$referer = $q->referer();
3101
3102							The B method returns the value of $ENV{'REFERER'} This will return
3103							the URL of the page the browser was viewing prior to fetching your script.
3104							Not available for all browsers.
3105
3106							=head2 remote_addr() Get the remote address
3107
3108							$remote_addr = $q->remote_addr();
3109
3110							The B method returns the value of $ENV{'REMOTE_ADDR'} or
3111							127.0.0.1 (localhost) if this is not defined.
3112
3113							=head2 remote_host() Get a value for remote host
3114
3115							$remote_host = $q->remote_host();
3116
3117							The B method returns the value of $ENV{'REMOTE_HOST'} if it is
3118							defined. If this is not defined it returns $ENV{'REMOTE_ADDR'} If this is not
3119							defined it returns 'localhost'
3120
3121							=head2 remote_ident() Get the remote identity
3122
3123							$remote_ident = $q->remote_ident();
3124
3125							The B method returns the value of $ENV{'REMOTE_IDENT'}
3126
3127							=head2 remote_user() Get the remote user
3128
3129							$remote_user = $q->remote_user();
3130
3131							The B method returns the authorization/verification name used
3132							for user verification, if this script is protected. The value comes from
3133							$ENV{'REMOTE_USER'}
3134
3135							=head2 request_method() Get the request method
3136
3137							$request_method = $q->request_method();
3138
3139							The B method returns the method used to access your
3140							script, usually one of 'POST', 'GET' or 'HEAD' as supplied by
3141							$ENV{'REQUEST_METHOD'}
3142
3143							=head2 script_name() Get the script name
3144
3145							$script_name = $q->script_name();
3146
3147							The B method returns the value of $ENV{'SCRIPT_NAME'} if it is
3148							defined. Otherwise it returns Perl's script name from $0. Failing this it
3149							returns a null string ''
3150
3151							=head2 server_name() Get the server name
3152
3153							$server_name = $q->server_name();
3154
3155							The B method returns the value of $ENV{'SERVER_NAME'} if defined
3156							or 'localhost' otherwise
3157
3158							=head2 server_port() Get the port the server is listening on
3159
3160							$server_port = $q->server_port();
3161
3162							The B method returns the value $ENV{'SERVER_PORT'} if defined or
3163							80 if not.
3164
3165							=head2 server_protocol() Get the current server protocol
3166
3167							$server_protocol = $q->server_protocol();
3168
3169							The B method returns the value of $ENV{'SERVER_PROTOCOL'} if
3170							defined or 'HTTP/1.0' otherwise
3171
3172							=head2 server_software() Get the server software
3173
3174							$server_software = $q->server_software();
3175
3176							The B method returns the value $ENV{'SERVER_SOFTWARE'} or
3177							'cmdline' If the server software is IIS it formats your hard drive, installs
3178							Linux, FTPs to www.apache.org, installs Apache, and then restores your system
3179							from tape. Well maybe not, but it's a nice thought.
3180
3181							=head2 user_name() Get a value for the user name.
3182
3183							$user_name = $q->user_name();
3184
3185							Attempt to obtain the remote user's name, using a variety of different
3186							techniques. This only works with older browsers such as Mosaic.
3187							Newer browsers do not report the user name for privacy reasons!
3188
3189							Technically the B method returns the value of $ENV{'HTTP_FROM'}
3190							or failing that $ENV{'REMOTE_IDENT'} or as a last choice $ENV{'REMOTE_USER'}
3191
3192							=head2 user_agent() Get the users browser type
3193
3194							$ua = $q->user_agent(); # return the user agent
3195							$ok = $q->user_agent('mozilla'); # return true if user agent 'mozilla'
3196
3197							The B method returns the value of $ENV{'HTTP_USER_AGENT'} when
3198							called without an argument or true or false if the $ENV{'HTTP_USER_AGENT'}
3199							matches the passed argument. The matching is case insensitive and partial.
3200
3201							=head2 virtual_host() Get the virtual host
3202
3203							$virtual_host = $q->virtual_host();
3204
3205							The B method returns the value of $ENV{'HTTP_HOST'} if defined
3206							or $ENV{'SERVER_NAME'} as a default. Port numbers are removed.
3207
3208							=head2 path_info() Get any extra path info set to the script
3209
3210							$path_info = $q->path_info();
3211
3212							The B method returns additional path information from the script
3213							URL. E.G. fetching /cgi-bin/your_script/additional/stuff will result in
3214							$q->path_info() returning "/additional/stuff".
3215
3216							NOTE: The Microsoft Internet Information Server
3217							is broken with respect to additional path information. If
3218							you use the Perl DLL library, the IIS server will attempt to
3219							execute the additional path information as a Perl script.
3220							If you use the ordinary file associations mapping, the
3221							path information will be present in the environment,
3222							but incorrect. The best thing to do is to avoid using additional
3223							path information in CGI scripts destined for use with IIS.
3224
3225							=head2 Accept() Get the browser MIME types
3226
3227							$Accept = $q->Accept();
3228
3229							The B method returns a list of MIME types that the remote browser
3230							accepts. If you give this method a single argument corresponding to a
3231							MIME type, as in $q->Accept('text/html'), it will return a floating point
3232							value corresponding to the browser's preference for this type from 0.0
3233							(don't want) to 1.0. Glob types (e.g. text/*) in the browser's accept
3234							list are handled correctly.
3235
3236							=head2 accept() Alias for Accept()
3237
3238							$accept = $q->accept();
3239
3240							The B Method is an alias for Accept()
3241
3242							=head2 http() Get a range of HTTP related information
3243
3244							$http = $q->http();
3245
3246							Called with no arguments the B method returns the list of HTTP or HTTPS
3247							environment variables, including such things as HTTP_USER_AGENT,
3248							HTTP_ACCEPT_LANGUAGE, and HTTP_ACCEPT_CHARSET, corresponding to the
3249							like-named HTTP header fields in the request. Called with the name of
3250							an HTTP header field, returns its value. Capitalization and the use
3251							of hyphens versus underscores are not significant.
3252
3253							For example, all three of these examples are equivalent:
3254
3255							$requested_language = $q->http('Accept-language');
3256							$requested_language = $q->http('Accept_language');
3257							$requested_language = $q->http('HTTP_ACCEPT_LANGUAGE');
3258
3259							=head2 https() Get a range of HTTPS related information
3260
3261							$https = $q->https();
3262
3263							The B method is similar to the http() method except that when called
3264							without an argument it returns the value of $ENV{'HTTPS'} which will be
3265							true if a HTTPS connection is in use and false otherwise.
3266
3267							=head2 protocol() Get the current protocol
3268
3269							$protocol = $q->protocol();
3270
3271							The B method returns 'https' if a HTTPS connection is in use or the
3272							B minus version numbers ('http') otherwise.
3273
3274							=head2 url() Return the script's URL in several formats
3275
3276							$full_url = $q->url();
3277							$full_url = $q->url(-full=>1);
3278							$relative_url = $q->url(-relative=>1);
3279							$absolute_url = $q->url(-absolute=>1);
3280							$url_with_path = $q->url(-path_info=>1);
3281							$url_with_path_and_query = $q->url(-path_info=>1,-query=>1);
3282							$netloc = $q->url(-base => 1);
3283
3284							B returns the script's URL in a variety of formats. Called
3285							without any arguments, it returns the full form of the URL, including
3286							host name and port number
3287
3288							http://your.host.com/path/to/script.cgi
3289
3290							You can modify this format with the following named arguments:
3291
3292							=over 4
3293
3294							=item B<-absolute>
3295
3296							If true, produce an absolute URL, e.g.
3297
3298							/path/to/script.cgi
3299
3300							=item B<-relative>
3301
3302							Produce a relative URL. This is useful if you want to reinvoke your
3303							script with different parameters. For example:
3304
3305							script.cgi
3306
3307							=item B<-full>
3308
3309							Produce the full URL, exactly as if called without any arguments.
3310							This overrides the -relative and -absolute arguments.
3311
3312							=item B<-path> (B<-path_info>)
3313
3314							Append the additional path information to the URL. This can be
3315							combined with B<-full>, B<-absolute> or B<-relative>. B<-path_info>
3316							is provided as a synonym.
3317
3318							=item B<-query> (B<-query_string>)
3319
3320							Append the query string to the URL. This can be combined with
3321							B<-full>, B<-absolute> or B<-relative>. B<-query_string> is provided
3322							as a synonym.
3323
3324							=item B<-base>
3325
3326							Generate just the protocol and net location, as in http://www.foo.com:8000
3327
3328							=back
3329
3330							=head2 self_url() Get the scripts complete URL
3331
3332							$self_url = $q->self_url();
3333
3334							The B method returns the value of:
3335
3336							$self->url( '-path_info'=>1, '-query'=>1, '-full'=>1 );
3337
3338							=head2 state() Alias for self_url()
3339
3340							$state = $q->state();
3341
3342							The B method is an alias for self_url()
3343
3344							=cut
3345
3346							################# cgi-lib.pl Compatibility Methods #################
3347
3348							=head1 COMPATIBILITY WITH cgi-lib.pl 2.18
3349
3350							To make it easier to port existing programs that use cgi-lib.pl all
3351							the subs within cgi-lib.pl are available in CGI::Simple. Using the
3352							functional interface of CGI::Simple::Standard porting is
3353							as easy as:
3354
3355							OLD VERSION
3356							require "cgi-lib.pl";
3357							&ReadParse;
3358							print "The value of the antique is $in{'antique'}.\n";
3359
3360							NEW VERSION
3361							use CGI::Simple::Standard qw(:cgi-lib);
3362							&ReadParse;
3363							print "The value of the antique is $in{'antique'}.\n";
3364
3365							CGI:Simple's B routine creates a variable named %in,
3366							which can be accessed to obtain the query variables. Like
3367							ReadParse, you can also provide your own variable via a glob. Infrequently
3368							used features of B, such as the creation of @in and $in
3369							variables, are not supported.
3370
3371							You can also use the OO interface of CGI::Simple and call B and
3372							other cgi-lib.pl functions like this:
3373
3374							&CGI::Simple::ReadParse; # get hash values in %in
3375
3376							my $q = CGI::Simple->new;
3377							$q->ReadParse(); # same thing
3378
3379							CGI::Simple::ReadParse(*field); # get hash values in %field function style
3380
3381							my $q = CGI::Simple->new;
3382							$q->ReadParse(*field); # same thing
3383
3384							Once you use B under the functional interface , you can retrieve
3385							the query object itself this way if needed:
3386
3387							$q = $in{'CGI'};
3388
3389							Either way it allows you to start using the more interesting features
3390							of CGI.pm without rewriting your old scripts from scratch.
3391
3392							Unlike CGI.pm all the cgi-lib.pl functions from Version 2.18 are supported:
3393
3394							ReadParse()
3395							SplitParam()
3396							MethGet()
3397							MethPost()
3398							MyBaseUrl()
3399							MyURL()
3400							MyFullUrl()
3401							PrintHeader()
3402							HtmlTop()
3403							HtmlBot()
3404							PrintVariables()
3405							PrintEnv()
3406							CgiDie()
3407							CgiError()
3408
3409							=head1 COMPATIBILITY WITH CGI.pm
3410
3411							I has long been suggested that the CGI and HTML parts of CGI.pm should be
3412							split into separate modules (even the author suggests this!), CGI::Simple
3413							represents the realization of this and contains the complete CGI side of
3414							CGI.pm. Code-wise it weighs in at a little under 30% of the size of CGI.pm at
3415							a little under 1000 lines.
3416
3417							A great deal of care has been taken to ensure that the interface remains
3418							unchanged although a few tweaks have been made. The test suite is extensive
3419							and includes all the CGI.pm test scripts as well as a series of new test
3420							scripts. You may like to have a look at /t/concur.t which makes 160 tests
3421							of CGI::Simple and CGI in parallel and compares the results to ensure they
3422							are identical. This is the case as of CGI.pm 2.78.
3423
3424							You can't make an omelet without breaking eggs. A large number of methods
3425							and global variables have been deleted as detailed below. Some pragmas are
3426							also gone. In the tarball there is a script B that will check if
3427							a script seems to be using any of these now non existent methods, globals or
3428							pragmas. You call it like this:
3429
3430							perl check.pl
3431
3432							If it finds any likely candidates it will print a line with the line number,
3433							problem method/global and the complete line. For example here is some output
3434							from running the script on CGI.pm:
3435
3436							...
3437							3162: Problem:'$CGI::OS' local($CRLF) = "\015\012" if $CGI::OS eq 'VMS';
3438							3165: Problem:'fillBuffer' $self->fillBuffer($FILLUNIT);
3439							....
3440
3441							=head1 DIFFERENCES FROM CGI.pm
3442
3443							CGI::Simple is strict and warnings compliant.
3444
3445							There are 4 modules in this distribution:
3446
3447							CGI/Simple.pm supplies all the core code.
3448							CGI/Simple/Cookie.pm supplies the cookie handling functions.
3449							CGI/Simple/Util.pm supplies a variety of utility functions
3450							CGI/Simple/Standard.pm supplies a functional interface for Simple.pm
3451
3452							Simple.pm is the core module that provide all the essential functionality.
3453							Cookie.pm is a shortened rehash of the CGI.pm module of the same name
3454							which supplies the required cookie functionality. Util.pm has been recoded to
3455							use an internal object for data storage and supplies rarely needed non core
3456							functions and/or functions needed for the HTML side of things. Standard.pm is
3457							a wrapper module that supplies a complete functional interface to the OO
3458							back end supplied by CGI::Simple.
3459
3460							Although a serious attempt has been made to keep the interface identical,
3461							some minor changes and tweaks have been made. They will likely be
3462							insignificant to most users but here are the gory details.
3463
3464							=head2 Globals Variables
3465
3466							The list of global variables has been pruned by 75%. Here is the complete
3467							list of the global variables used:
3468
3469							$VERSION = "0.01";
3470							# set this to 1 to use CGI.pm default global settings
3471							$USE_CGI_PM_DEFAULTS = 0 unless defined $USE_CGI_PM_DEFAULTS;
3472							# see if user wants old CGI.pm defaults
3473							do{ _use_cgi_pm_global_settings(); return } if $USE_CGI_PM_DEFAULTS;
3474							# no file uploads by default, set to 0 to enable uploads
3475							$DISABLE_UPLOADS = 1 unless defined $DISABLE_UPLOADS;
3476							# use a post max of 100K, set to -1 for no limits
3477							$POST_MAX = 102_400 unless defined $POST_MAX;
3478							# do not include undefined params parsed from query string
3479							$NO_UNDEF_PARAMS = 0 unless defined $NO_UNDEF_PARAMS;
3480							# separate the name=value pairs with ; rather than &
3481							$USE_PARAM_SEMICOLONS = 0 unless defined $USE_PARAM_SEMICOLONS;
3482							# only print headers once
3483							$HEADERS_ONCE = 0 unless defined $HEADERS_ONCE;
3484							# Set this to 1 to enable NPH scripts
3485							$NPH = 0 unless defined $NPH;
3486							# 0 => no debug, 1 => from @ARGV, 2 => from STDIN
3487							$DEBUG = 0 unless defined $DEBUG;
3488							# filter out null bytes in param - value pairs
3489							$NO_NULL = 1 unless defined $NO_NULL;
3490							# set behavior when cgi_err() called -1 => silent, 0 => carp, 1 => croak
3491							$FATAL = -1 unless defined $FATAL;
3492
3493							Four of the default values of the old CGI.pm variables have been changed.
3494							Unlike CGI.pm which by default allows unlimited POST data and file uploads
3495							by default CGI::Simple limits POST data size to 100kB and denies file uploads
3496							by default. $USE_PARAM_SEMICOLONS is set to 0 by default so we use (old style)
3497							& rather than ; as the pair separator for query strings. Debugging is
3498							disabled by default.
3499
3500							There are three new global variables. If $NO_NULL is true (the default) then
3501							CGI::Simple will strip null bytes out of names, values and keywords. Null
3502							bytes can do interesting things to C based code like Perl. Uploaded files
3503							are not touched. $FATAL controls the behavior when B is called.
3504							The default value of -1 makes errors silent. $USE_CGI_PM_DEFAULTS reverts the
3505							defaults to the CGI.pm standard values ie unlimited file uploads via POST
3506							for DNS attacks. You can also get the defaults back by using the '-default'
3507							pragma in the use:
3508
3509							use CGI::Simple qw(-default);
3510							use CGI::Simple::Standard qw(-default);
3511
3512							The values of the global variables are stored in the CGI::Simple object and
3513							can be referenced and changed using the B method like this:
3514
3515							my $value = $q->globals( 'VARNAME' ); # get
3516							$q->globals( 'VARNAME', 'some value' ); # set
3517
3518							As with many CGI.pm methods if you pass the optional value that will
3519							be set.
3520
3521							The $CGI::Simple::VARNAME = 'N' syntax is only useful prior to calling the
3522							B constructor. After that all reference is to the values stored in the
3523							CGI::Simple object so you must change these using the B method.
3524
3525							$DISABLE_UPLOADS and $POST_MAX must be set prior to calling the constructor
3526							if you want the changes to have any effect as they control behavior during
3527							initialization. This is the same a CGI.pm although some people seem to miss
3528							this rather important point and set these after calling the constructor which
3529							does nothing.
3530
3531							The following globals are no longer relevant and have all been deleted:
3532
3533							$AUTOLOADED_ROUTINES
3534							$AUTOLOAD_DEBUG
3535							$BEEN_THERE
3536							$CRLF
3537							$DEFAULT_DTD
3538							$EBCDIC
3539							$FH
3540							$FILLUNIT
3541							$IIS
3542							$IN
3543							$INITIAL_FILLUNIT
3544							$JSCRIPT
3545							$MAC
3546							$MAXTRIES
3547							$MOD_PERL
3548							$NOSTICKY
3549							$OS
3550							$PERLEX
3551							$PRIVATE_TEMPFILES
3552							$Q
3553							$QUERY_CHARSET
3554							$QUERY_PARAM
3555							$SCRATCH
3556							$SL
3557							$SPIN_LOOP_MAX
3558							$TIMEOUT
3559							$TMPDIRECTORY
3560							$XHTML
3561							%EXPORT
3562							%EXPORT_OK
3563							%EXPORT_TAGS
3564							%OVERLOAD
3565							%QUERY_FIELDNAMES
3566							%SUBS
3567							@QUERY_PARAM
3568							@TEMP
3569
3570							Notes: CGI::Simple uses IO::File->new_tmpfile to get tempfile filehandles.
3571							These are private by default so $PRIVATE_TEMPFILES is no longer required nor
3572							is $TMPDIRECTORY. The value that were stored in $OS, $CRLF, $QUERY_CHARSET
3573							and $EBCDIC are now stored in the CGI::Simple::Util object where they find
3574							most of their use. The $MOD_PERL and $PERLEX values are now stored in our
3575							CGI::Simple object. $IIS was only used once in path_info(). $SL the system
3576							specific / \ : path delimiter is not required as we let IO::File handle our
3577							tempfile requirements. The rest of the globals are HTML related, export
3578							related, hand rolled autoload related or serve obscure purposes in CGI.pm
3579
3580							=head2 Changes to pragmas
3581
3582							There are some new pragmas available. See the pragmas section for details.
3583							The following CGI.pm pragmas are not available:
3584
3585							-any
3586							-compile
3587							-nosticky
3588							-no_xhtml
3589							-private_tempfiles
3590
3591							=head2 Filehandles
3592
3593							Unlike CGI.pm which tries to accept all filehandle like objects only \*FH
3594							and $fh are accepted by CGI::Simple as file accessors for B and B.
3595							IO::File objects work fine.
3596
3597							=head2 Hash interface
3598
3599							%hash = $q->Vars(); # pack values with "\0";
3600							%hash = $q->Vars(","); # comma separate values
3601
3602							You may optionally pass B a string that will be used to separate multiple
3603							values when they are packed into the single hash value. If no value is
3604							supplied the default "\0" (null byte) will be used. Null bytes are dangerous
3605							things for C based code (ie Perl).
3606
3607							=head2 cgi-lib.pl
3608
3609							All the cgi-lib.pl 2.18 routines are supported. Unlike CGI.pm all the
3610							subroutines from cgi-lib.pl are included. They have been GOLFED down to
3611							25 lines but they all work pretty much the same as the originals.
3612
3613							=head1 CGI::Simple COMPLETE METHOD LIST
3614
3615							Here is a complete list of all the CGI::Simple methods.
3616
3617							=head2 Guts (hands off, except of course for new)
3618
3619							_initialize_globals
3620							_use_cgi_pm_global_settings
3621							_store_globals
3622							import
3623							_reset_globals
3624							new
3625							_initialize
3626							_read_parse
3627							_parse_params
3628							_add_param
3629							_parse_keywordlist
3630							_parse_multipart
3631							_save_tmpfile
3632							_read_data
3633
3634							=head2 Core Methods
3635
3636							param
3637							add_param
3638							param_fetch
3639							url_param
3640							keywords
3641							Vars
3642							append
3643							delete
3644							Delete
3645							delete_all
3646							Delete_all
3647							upload
3648							upload_info
3649							query_string
3650							parse_query_string
3651							parse_keywordlist
3652
3653							=head2 Save and Restore from File Methods
3654
3655							_init_from_file
3656							save
3657							save_parameters
3658
3659							=head2 Miscellaneous Methods
3660
3661							url_decode
3662							url_encode
3663							escapeHTML
3664							unescapeHTML
3665							put
3666							print
3667
3668							=head2 Cookie Methods
3669
3670							cookie
3671							raw_cookie
3672
3673							=head2 Header Methods
3674
3675							header
3676							cache
3677							no_cache
3678							redirect
3679
3680							=head2 Server Push Methods
3681
3682							multipart_init
3683							multipart_start
3684							multipart_end
3685							multipart_final
3686
3687							=head2 Debugging Methods
3688
3689							read_from_cmdline
3690							Dump
3691							as_string
3692							cgi_error
3693
3694							=head2 cgi-lib.pl Compatibility Routines - all 2.18 functions available
3695
3696							_shift_if_ref
3697							ReadParse
3698							SplitParam
3699							MethGet
3700							MethPost
3701							MyBaseUrl
3702							MyURL
3703							MyFullUrl
3704							PrintHeader
3705							HtmlTop
3706							HtmlBot
3707							PrintVariables
3708							PrintEnv
3709							CgiDie
3710							CgiError
3711
3712							=head2 Accessor Methods
3713
3714							version
3715							nph
3716							all_parameters
3717							charset
3718							crlf # new, returns OS specific CRLF sequence
3719							globals # get/set global variables
3720							auth_type
3721							content_length
3722							content_type
3723							document_root
3724							gateway_interface
3725							path_translated
3726							referer
3727							remote_addr
3728							remote_host
3729							remote_ident
3730							remote_user
3731							request_method
3732							script_name
3733							server_name
3734							server_port
3735							server_protocol
3736							server_software
3737							user_name
3738							user_agent
3739							virtual_host
3740							path_info
3741							Accept
3742							accept
3743							http
3744							https
3745							protocol
3746							url
3747							self_url
3748							state
3749
3750							=head1 NEW METHODS IN CGI::Simple
3751
3752							There are a few new methods in CGI::Simple as listed below. The highlights are
3753							the B method to add the QUERY_STRING data to your object if
3754							the method was POST. The B method adds an expires now directive and
3755							the Pragma: no-cache directive to the header to encourage some browsers to
3756							do the right thing. B from the cgi-lib.pl routines will dump an
3757							HTML friendly list of the %ENV and makes a handy addition to B for use
3758							in debugging. The upload method now accepts a filepath as an optional second
3759							argument as shown in the synopsis. If this is supplied the uploaded file will
3760							be written to there automagically.
3761
3762							=head2 Internal Routines
3763
3764							_initialize_globals()
3765							_use_cgi_pm_global_settings()
3766							_store_globals()
3767							_initialize()
3768							_init_from_file()
3769							_read_parse()
3770							_parse_params()
3771							_add_param()
3772							_parse_keywordlist()
3773							_parse_multipart()
3774							_save_tmpfile()
3775							_read_data()
3776
3777							=head2 New Public Methods
3778
3779							add_param() # adds a param/value(s) pair +/- overwrite
3780							upload_info() # uploaded files MIME type and size
3781							url_decode() # decode s url encoded string
3782							url_encode() # url encode a string
3783							parse_query_string() # add QUERY_STRING data to $q object if 'POST'
3784							no_cache() # add both the Pragma: no-cache
3785							# and Expires/Date => 'now' to header
3786
3787							=head2 cgi-lib.pl methods added for completeness
3788
3789							_shift_if_ref() # internal hack reminiscent of self_or_default :-)
3790							MyBaseUrl()
3791							MyURL()
3792							MyFullUrl()
3793							PrintVariables()
3794							PrintEnv()
3795							CgiDie()
3796							CgiError()
3797
3798							=head2 New Accessors
3799
3800							crlf() # returns CRLF sequence
3801							globals() # global vars now stored in $q object - get/set
3802							content_length() # returns $ENV{'CONTENT_LENGTH'}
3803							document_root() # returns $ENV{'DOCUMENT_ROOT'}
3804							gateway_interface() # returns $ENV{'GATEWAY_INTERFACE'}
3805
3806							=head1 METHODS IN CGI.pm NOT IN CGI::Simple
3807
3808							Here is a complete list of what is not included in CGI::Simple. Basically all
3809							the HTML related stuff plus large redundant chunks of the guts. The check.pl
3810							script in the /misc dir will check to see if a script is using any of these.
3811
3812							=head2 Guts - rearranged, recoded, renamed and hacked out of existence
3813
3814							initialize_globals()
3815							compile()
3816							expand_tags()
3817							self_or_default()
3818							self_or_CGI()
3819							init()
3820							to_filehandle()
3821							save_request()
3822							parse_params()
3823							add_parameter()
3824							binmode()
3825							_make_tag_func()
3826							AUTOLOAD()
3827							_compile()
3828							_setup_symbols()
3829							new_MultipartBuffer()
3830							read_from_client()
3831							import_names() # I dislike this and left it out, so shoot me.
3832
3833							=head2 HTML Related
3834
3835							autoEscape()
3836							URL_ENCODED()
3837							MULTIPART()
3838							SERVER_PUSH()
3839							start_html()
3840							_style()
3841							_script()
3842							end_html()
3843							isindex()
3844							startform()
3845							start_form()
3846							end_multipart_form()
3847							start_multipart_form()
3848							endform()
3849							end_form()
3850							_textfield()
3851							textfield()
3852							filefield()
3853							password_field()
3854							textarea()
3855							button()
3856							submit()
3857							reset()
3858							defaults()
3859							comment()
3860							checkbox()
3861							checkbox_group()
3862							_tableize()
3863							radio_group()
3864							popup_menu()
3865							scrolling_list()
3866							hidden()
3867							image_button()
3868							nosticky()
3869							default_dtd()
3870
3871							=head2 Upload Related
3872
3873							CGI::Simple uses anonymous tempfiles supplied by IO::File to spool uploaded
3874							files to.
3875
3876							private_tempfiles() # automatic in CGI::Simple
3877							tmpFileName() # all upload files are anonymous
3878							uploadInfo() # relied on FH access, replaced with upload_info()
3879
3880
3881							=head2 Really Private Subs (marked as so)
3882
3883							previous_or_default()
3884							register_parameter()
3885							get_fields()
3886							_set_values_and_labels()
3887							_compile_all()
3888							asString()
3889							compare()
3890
3891							=head2 Internal Multipart Parsing Routines
3892
3893							read_multipart()
3894							readHeader()
3895							readBody()
3896							read()
3897							fillBuffer()
3898							eof()
3899
3900							=head1 EXPORT
3901
3902							Nothing.
3903
3904							=head1 AUTHOR INFORMATION
3905
3906							Originally copyright 2001 Dr James Freeman Ejfreeman@tassie.net.auE
3907							This release by Andy Armstrong
3908
3909							This package is free software and is provided "as is" without express or
3910							implied warranty. It may be used, redistributed and/or modified under the terms
3911							of the Perl Artistic License (see http://www.perl.com/perl/misc/Artistic.html)
3912
3913							Address bug reports and comments to: andy@hexten.net. When sending
3914							bug reports, please provide the version of CGI::Simple, the version of
3915							Perl, the name and version of your Web server, and the name and
3916							version of the operating system you are using. If the problem is even
3917							remotely browser dependent, please provide information about the
3918							affected browsers as well.
3919
3920							Address bug reports and comments to: andy@hexten.net
3921
3922							=head1 CREDITS
3923
3924							Lincoln D. Stein (lstein@cshl.org) and everyone else who worked on the
3925							original CGI.pm upon which this module is heavily based
3926
3927							Brandon Black for some heavy duty testing and bug fixes
3928
3929							John D Robinson and Jeroen Latour for helping solve some interesting test
3930							failures as well as Perlmonks:
3931							tommyw, grinder, Jaap, vek, erasei, jlongino and strider_corinth
3932
3933							Thanks for patches to:
3934
3935							Ewan Edwards, Joshua N Pritikin, Mike Barry, Michael Nachbaur, Chris
3936							Williams, Mark Stosberg, Krasimir Berov, Yamada Masahiro
3937
3938							=head1 LICENCE AND COPYRIGHT
3939
3940							Copyright (c) 2007, Andy Armstrong C<< >>. All rights reserved.
3941
3942							This module is free software; you can redistribute it and/or
3943							modify it under the same terms as Perl itself. See L.
3944
3945							=head1 SEE ALSO
3946
3947							B, L, L,
3948							L, L
3949
3950							=cut

File Coverage

$_[0]

$error