More specifically, you read about the CGI module, some templating solution like HTML::Template (or Petal, my favorite), and maybe even an all dancing wonder framework, such as Maypole or it's competitorrs.

Good luck!

Update: fixed some really lousy english.

In addition to ovid's tutorial already mentioned, here are a few more links for you to check out:
Perl CGI Tutorial
Beginner's Guide to CGI Scripting with Perl

Also, you'll need to pay close attention to security if this is for an ecommerce app. E.g. don't trust that the order total passed to you in a POST is right, as it's easy for an evildoer to make up their own price and bypass your validation. One way around this is to store sensitive data on the server, and reference it via a session id, which gets passed via POST or GET. Have a look at Apache::Session. You can also validate data being passed to you by including an MD5 (or SHA) hash of the values plus some secret key.

The difference between Perl newbie and making a living is realising that there is no good reason to be trying to program a form validator. This is a problem that has long-since been solved.

CGI::Application::ValidateRM is an easy to use software library that marries the structure enforcement of CGI::Application with the pre-built form validation capabilities of Data::FormValidator in a useful and stylish way.

While it may not be immediately obvious how to set this solution up, the time you invest in finding out will likely be more profitable to you than trying to work out a comparable solution yourself. It will also teach you more about building software. You can bring specific problems back here for expert advice.

Personally, I stick a bit of Javascript validation on my forms in addition to this since it can save the end user a page refresh but that's a matter of personal taste.

Without knowing all the details, I'd say your best bet would be to validate the user input via JavaScript. Since JavaScript is client-side, you won't need to send the user input to the server and then back again if it's incorrect.

As for outputting the results of your calculations, etc., you can do this the simple way with CGI, or the slightly more complicated way, although with more control and cleaner code, with HTML::Template.

This kind of stuff is very common. Search this site and Google for more information.

UPDATE: As some other monks have caught a mistake in my original post, I should add that I neglected to mention that user input should ALSO be checked at the server-side. However, contrary to what tachyon says, I do believe that JavaScript provides additional security and does have some degree of reliability.

UPDATE Part II: For a good example of using JavaScript to help validate input, check out http://developer.apple.com/internet/webcontent/validation.html.

I'd say your best bet would be to validate the user input via JavaScript

Bad advice. Client side validation is fine, provided you accept that it is simply to improve the end user experience. It offers absolutely no security or reliable validation

Form validation is a server side task. Period. Do what you like on the client side, you still need to validate everything (again if using JS client side) on the server side.

cheers

tachyon

I beg to differ.

You cannot allow the server to trust that the client side is not tricking it, especially for ecommerce.

All form validation must happen at the server, and possibly, for a better user experience (think responsiveness), also validated with javascript.

I'd also like to note that inn my experience most the javascript validation I met really sucks. Just recently I had to fool an online purchase form which was trying to verify my CCN using javascript that calls a VB script function. I have MacOS X, and use Safari, which isn't VB script enabled.

The only way I could actually buy the thing is if i cheated the javascript. It was simple, too, i just entered the URL javascript:document.formname.submit().

-nuffin
zz zZ Z Z #!perl

I *used* to do form validation with javascript exclusively, until lurking around the monastery for a few months and reading the arguments against it, and for good reasons. However, I now use a combo. I do a full validation (as part of my untainting routines) on the server-side, but first doing a quick check of certain fields in javascript to avoid the roundtrips to the server. The client-side checks are more to protect the "client" and the server-side check are to protect me and the server.

As my validation needs are pretty straight forward, I rolled my own little module with the help of some of the good monks, and it works fine. But do recommend you read up on the aforementioned CGI resources.


—Brad
"Don't ever take a fence down until you know the reason it was put up." G. K. Chesterton

use CGI::FormBuilder; Visit http://www.formbuilder.org/ for demos. You get (server/client)-side validation.

MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"

I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).

** The third rule of perl club is a statement of fact: pod is sexy.