[cgiapp] [Fwd: Re: ValidateRM not PP]

Lyle webmaster at cosmicperl.com
Sun Jan 25 20:00:22 EST 2009


Joshua Miller wrote:
> As for HTML::FillInForm, it's better to do nothing, than to use some
> regexp. I believe that is the point to which Ron was pointing. Using a
> regexp can cause you far more problems than good. That's not to say a
> pure-perl parser cannot be written, but that hand-writing a regex to
> attempt to half-ass the job is a horrible idea... you'll cause more
> problems than it's worth. It's still up to you, so you've been warned.
>   

I've been reading up on it. It's true that a regexp will always break. A 
collection of regexps working to get individual parts would be better, 
but still break in some circumstances. Writing a Scanner -> Lexer -> 
Parser in Pure Perl would be ideal, but not without it's own problems.

> As for validation, your suggestion to "not do any form validation with
> Perl as much as possible" is beyond bad advice. If anything, the
> advice should be reversed (and this is coming from the author of
> Data.FormValidator.js, which the following post recommends). The whole
> point of Data.FormValidator.js is to encourage backend validation
> along with frontend validation, and when issues arise, to encourage
> the use of backend validation.
>   

I don't think he meant "not do any form validation with Perl as much as 
possible". I think that came across wrong, as he later made a comment 
"Then, on the server, check for sanity and security.". I think he was 
trying to say you should try and have JavaScript as well to reduce calls 
to the server which is more costly... I could be wrong...

> I'd second the "ever" qualification on using a hand made regex to
> replace a real html  parser. It simple doesn't makes any sense. Find
> an html parser that is pure perl, and extend it - I'm sure there are
> ones out there.
>   

I've looked for one, the only one I could find is HTML::TagParser but it 
isn't suitable as it can't be used to recreate the page. Also looking at 
the source it uses regexp.

As much as the idea of writing a Pure Perl parser intrigues me, I don't 
have the time :( Especially as at this time I wouldn't actually be using 
it (my script is generating all the html input tags and parsing them 
into the html template).

Maybe I'll add it to one of my "would like to do at some point if I get 
chance lists"...


Lyle



More information about the cgiapp mailing list