Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much
 
PerlMonks  

comment on

( [id://3333]=superdoc: print w/replies, xml ) Need Help??

The folks at http://nms-cgi.sourceforge.net/ have written many replacement scripts for the scripts written by Matt Wright, the author of Matts Script Archive), because formmail.pl is the mother of all spammer-abused mailscripts.

The scripts offered there are self contained, single-function scripts that try to do one function and that function well, at least that's the impression I got from them.

Here are some things that I found horrible about the code:

You don't give Matt Wright credit even though you admit you copied the code from him before you modified it. This is bad form.

In the "comments" section:

## the email address from the webpage form code. If in doubt, ## +################### ## hardcode the email address into the script by excluding the ## +################### ## 'listemail' parameter from the webpage form script code, and ## +###################
That's completely bogus. There is no doubt. A spammer will automatically scan websites for any pages with an embedded hidden field containing an email address, and then submit that form with an email address of their own to check it. Any HTML page that uses a non-hardcoded email address will be used by spammers. Period. Defensive behaviour dicates that this option must always be disabled, as people will not read that far or understand what malice is possible through this.

The hardcoded email address:

$LIST_EMAIL = "reaction"; $LIST_EMAIL .= "\@"; $LIST_EMAIL .= "optionalreaction.com";
is build in a very confusing way. Not splitting the address in three parts and using single quotes makes usage of the address much much better:
$LIST_EMAIL = q(reaction@optionalreaction.com);
The single quotes prevent that the @ is interpreted as an array, as single quotes do not interpolate variables. See the use strict; and the use warnings; remark further down.

The templates for the webpages are just horrible:

... $WEBPAGE_COMPONENT[7] = "<br><br>[Expected email frequency is: MONTHLY + VARIABLE]"; $WEBPAGE_COMPONENT[8] = "<br><br>[No further action is required]"; $WEBPAGE_COMPONENT[9] = "<br><br>[Your email address will not be sent, + given, or sold, to any third party]"; ...
Use "here documents" or external files, but don't paste them together from arrays that get assigned line by line. Or use one of the many templating systems to make your pages fully customizable.

Also, the parametrization of that part is very bad, as the two lines

$WEBPAGE_COMPONENT[1] = "'</b><br><br>has been <b>ADDED</b> to<br><br> +<b>'"; $WEBPAGE_COMPONENT[2] = "'</b><br><br>has been <b>REMOVED</b> from<br> +<br><b>'";
show. They differ only in the action that was taken and should thus be collapsed to a single line which is then filled with the action taken:
my %messages = ( Add => '<b>ADDED</b> to', Remove => '<b>REMOVED</b> from', ); $ACTION_MESSAGE = "'</b><br><br>has been $messages{$action}<br><br><b> +'";
Also, what's with the weird quoting? Double quotes ("") or single quotes (''), but not both intermixed.

The writing and rewriting of the file by accumulating stuff into $Buffer is just horrible. Write into the file line by line. And if you insist on using $Buffer for writing to the file, then use it everywhere instead of writing the buffer first, and then a single line with the newly added email after it.

The script is not running under taint mode, is not using strict and is not using warnings. All of these help Perl to protect you from stupid things like typos, misconceptions and input data not being what you expect. You should use them, especially when you are starting out with Perl. They are powerfull tools to protect you.

If you can't track such an error as a spurious space in front of your output in your script, then you obviously haven't programmed much. And obviously, you don't know much about Perl, because Perl does not create "empty" buffers by writing a backslash and a zero into it. If you had double-quoted that string, it would have contained a binary zero character, but that would put a binary zero at the start of your file - highly unlikely that you want that.

Update: Added paragraph about use strict; and use warnings;


In reply to Re^3: Annoying whitespace(s)... by Corion
in thread Annoying whitespace(s)... by reaction

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.
Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others imbibing at the Monastery: (5)
As of 2024-03-29 00:17 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found