Your skill will accomplish what the force of many cannot |
|
PerlMonks |
Re^3: How to call perl CGI script from another perl CGI scriptby andye (Curate) |
on Apr 24, 2007 at 18:21 UTC ( [id://611804]=note: print w/replies, xml ) | Need Help?? |
Should I assume that most work done in perl/CGI is either 1) user initiated through a form; or 2) executed with a single script calling functions from other modules?
You've got it - both. :) Re 1) Everything CGI is always in response to an http request, so in that sense it's user initiated (unless the page is being spidered by a bot or whatever, but you get the point). It doesn't make any difference to the script itself whether it gets its parameters from a form, or from a URL with extra stuff on the end (or maybe it doesn't take any parameters at all...) Re 2) It's certainly normal practise to put code that you'll need in more than one script inside a module. That's pretty much what modules are for. You can use fork() and so on to go out to other scripts, but it's not a great idea - apart from anything it's pretty slow. If you need to start something running but you don't want to wait for it to finish before sending the page back to the user, then personally I'm a fan of Apache's callback system, which lets you run some more code after the page has been sent back to the user. So anyway, yes, it seems to me that by far the better plan is to put the credentials-checking code in a separate module. Then you can call it from anywhere you like. One approach to credentials-checking (and there are others) is to do an initial username/password login, then place a cookie in the user's browser that keeps them logged in for that session (the cookie should not contain the password - usually it's an MD5 hash or something like that). The book 'Writing Apache modules with Perl and C' has lots of useful stuff on this kind of thing. Obviously it's more relevant to Apache than to other web servers. <grin> One approach that can be used is to put the credentials-checking stuff in the Authentication/Authorization stages of the Apache request cycle. This is good because:
There's more info about how to do that, and some great examples, here (a chapter from the book named above). The basic example looks like this: (by Lincoln Stein and Doug MacEachern) with this explanation for the codes passed to Apache: DECLINED means that this handler doesn't deal with the request (instead control is passed to the next handler, if there is one) OK means sure, let the user in FORBIDDEN returns the 'access forbidden' error to the user's browser SERVER_ERROR is obvious. So in the real world you might first check whether the URL is one to which you want to control access (if it isn't then return DECLINED), check whether the user has the right credentials, if they do then return OK else return FORBIDDEN. HTH! Best wishes, andye
In Section
Seekers of Perl Wisdom
|
|