[Nms-cgi-devel] Further Updates to countdown.pl

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hey guys, sorry I haven't been responding in a while; I've been busy. 
Anyways, here are some thoughts:

 >You also changed the shebang line to #!perl -wT. We need to agree on a
 >standard for shebang lines, but it'll probably be #!/usr/bin/perl -wT

Well, I was under NT when I was running it... I changed it when I uploaded 
it this time.  Apologies!

 >I don't agree with having use CGI::Carpi qw(fatalsToBrowser) in production
 >code. It gives too much information to anyone trying to crack the site. The
 >standard CGI error message is vague for a good reason. The full error
 >messsage is written to the server error log where the webmaster can read
 >it. By all means add it to the code - but comment it out in released
 >versions.

I thought Jonathan's idea of using CGI::Carp's set_message function was an 
excellent idea.
However, the code snippet he provided didn't work ;)  I changed it to this:

BEGIN{set_message(sub{print"[Error]"})if!$DEBUGGING;}

That will output "[Error]" whenever there is an error in the script when 
$DEBUGGING is set to 0.
However, if there is an error earlier in the BEGIN statement, CGI::Carp 
will output errors regardless
of what $DEBUGGING is set to.

In addition, I added all of the "config" variables to global variable 
declarations and placed them
inside the begin.  $DEBUGGING needed to be a pre-declared value in order 
for set_message
to work correctly; and I figured that all of the "config" variables should 
be placed together to
prevent confusion.

 >Maybe we should have used the query_string functixpno from CGI.pm as that
 >probably does the URL unencoding.

Hmmm... I couldn't find that function in the pod.
Are you talking about unescape() in CGI::Util?
Good idea, I'll put that in.

 >Otherwise, we _can't_ change the format of the parameters as this script is
 >supposed to work exactly the same way as Matt's. Users are supposed to be
 >able to copy our version on top and Matt's and it'll work straight off. If
 >you change the format, then that's not going to happen. I agree that your
 >format makes far more sense, but because of the rules of nms, we're stuck
 >with Matt's format.

Ugh... Fine.  I added support for both ways, however:

my @query_string = split(/,/, length param("date") > 0 ? param("date") : 
unescape($ENV{QUERY_STRING}));
@from_date = @query_string if(@query_string == 6);

This will let you use either countdown.pl?2002,9,7,0,0,0 or 
countdown.pl?date=2002,9,7,0,0,0.

 >> 4. I removed the start_html and end_html, big bold headers, etc. A script
 >> like this will most likely be used via SSI, so it makes sense
 >> to only output what is needed. Let the designer decide the output format :)
 >
 >Another good idea, but again we're stuck with Matt's definition of the
 >output. What would be good would be to have a simple template stored in the
 >__DATA__ filehandle. The default would need to be Matt's version, but it
 >would be easy to edit to something else.

I don't thing it really matters whether the start_html, etc. are not 
included; however, it does make a difference
if they are. If the script is used as stand-alone, the page will still 
display despite lack of head information; however,
html head information in the middle of the document is NOT a good idea.  If 
the end user wants big boldness, then
they can wrap the SSI in <h1> tags.  Lets not make the same mistake Matt 
did. :)

Also, some extra notes:
First of all, the version of CGI::Carp that we need is 1.09, according to 
its pod.  However, I am not sure what version first became start of the 
standard distribution.

Secondly, I am not sure how to upload on sourceforge.  For the time being, 
I re-uploaded to jcwren's server (http://jryan.perlmonk.org/nms/countdown.txt).

Thirdly, I have two midterms coming up over the next two days, so my time 
for NMS will be limited until my midterms are over.  I should be able to 
thoroughly look over another script during that time, however, so 
suggestions for the next script to pick apart are welcome.

Forthly (to Dave): My last name is Ryan, not my first.  Call me Joe please :)