What is the equivalent of PHP's $_POST in a Perl CGI script and how can I use it?

Question

I have two Perl files: action.pl and the other is test.pl

action.pl has a form:

print $cgi->header, <<html;
<form action="test.pl" method="post">
html
while (my @row = $sth->fetchrow)
{
print $cgi->header, <<html;
ID:<input name="pid" value="@row[0]" readonly="true"/><br/>
Name: <input name="pname" value="@row[1]"/><br/>
Description : <input name="pdescription" value="@row[2]"/><br/>
Unit Price :<input name="punitprice" value="@row[3]"/><br/>
html
}
print $cgi->header, <<html
<input type="submit" value="update Row">
</form>
html

What should I write in test.pl so as to access the form values submitted by the user?

In other words, what equivalent of PHP's $_POST['pid'] in Perl?

Answer 1

Use CGI and param()

  use CGI ':standard';
  my $id    = param('id');

Answer 2

use CGI;
my $cgi = CGI->new();

for my $p ($cgi->param) {       # loop through all form inputs
    my $val = $cgi->param($p);  # get param's value
    # ...
}

To get the value of the 'pid' input, use:

$cgi->param('pid');

Update: The test script may look like:

#!/usr/bin/perl

use strict;
use warnings;
use CGI;

my $cgi = CGI->new();

printf "%sPid:%s", $cgi->header, $cgi->param('pid');

Answer 3

From CGI.pm as an alternative.

FETCHING THE PARAMETER LIST AS A HASH:
           use CGI;
           my $params = $q->Vars;
           print $params->{'address'};

           my @foo = split("\0",$params->{'foo'});
           my %params = $q->Vars;

Answer 4

First, you should turn on warnings. Had you done so, you would have noticed that you should use $row[1], $row[2] ... to access individual elements of @row. @row[0] creates a single element array slice.

Second, you would benefit from separating logic from presentation by using a templating module such as HTML::Template. Having while loops mixed in with heredocs make for unreadable code.

You can access the parameter values passed to your script by using a CGI form processing package. These days, I prefer to use CGI::Simple rather than CGI.pm because CGI::Simple has saner defaults and does not have the HTML generation baggage that comes with CGI.pm.

use strict; use warnings;
use CGI::Simple;

my $cgi = CGI::Simple->new;
my $pname = $cgi->param('pname');

Finally, keep in mind that you still need to validate 'pid' even though it is specified as readonly in the form. I would also recommend using CGI::Application to provide handlers for various actions rather than having a different script for each one.

Here is a simple example:

#!perl

use strict; use warnings;
use CGI::Simple;
use HTML::Template;

my $cgi = CGI::Simple->new;

# For demo purposes only. I would use CGI::Application
$cgi->param ? process_form($cgi) : show_form($cgi);

sub process_form {
    my ($cgi) = @_;

    print $cgi->header('text/plain'),
        sprintf("%s : %s\n",
            $cgi->param('pid'),
            $cgi->param('pname'),
        )
    ;
    return;
}

sub show_form {
    my ($cgi) = @_;
    my $tmpl = HTML::Template->new(scalarref => template() );
    $tmpl->param(
        PRODUCTS => [
            { PID => '1234', PNAME => 'Widget' },
            { PID => '4321', PNAME => 'Wombat' },
        ]
    );
    print $cgi->header, $tmpl->output;
    return;
}

sub template {
    return \ <<EO_TMPL;
<!DOCTYPE HTML>
<html><head><title>Test</title></head>
<body>
<TMPL_LOOP PRODUCTS>
<form method="POST">
<p><input name="pid" readonly="1" value="<TMPL_VAR PID>">
<input name="pname" value="<TMPL_VAR PNAME>"><input
type="submit" value="Update"></p></form>
</TMPL_LOOP>
</body>
</html>
EO_TMPL
}