From: RedGrittyBrick on
On 29/03/2010 14:57, Dave wrote:
> On Mar 29, 9:26 am, RedGrittyBrick wrote:
>> On 29/03/2010 13:49, Dave wrote:
>>
>>> php://input allows you to read raw POST data. It is a less memory
>>> intensive alternative to $HTTP_RAW_POST_DATA and does not need any
>>> special php.ini directives. php://input is not available with
>>> enctype="multipart/form-data".
>>
>>> Do perl have an equivalent for this?
>>
>> Are you familiar with the CGI module?
>> Are you hitting out-of memory problems?
>>

>
> I'm somewhat familiar with the CGI and I'm not getting any out-of
> memory problems.

Sorry, it isn't clear to me why you don't just use CGI normally?

use strict;
use warnings;
use CGI;
...
my $query = new CGI;
...
my $foo = $query->param('foo');

Are you having some specific problem with this?

--
RGB
From: Dave on
On Mar 29, 11:08 am, RedGrittyBrick <RedGrittyBr...(a)spamweary.invalid>
wrote:
> On 29/03/2010 14:57, Dave wrote:
>
>
>
> > On Mar 29, 9:26 am, RedGrittyBrick wrote:
> >> On 29/03/2010 13:49, Dave wrote:
>
> >>> php://input allows you to read raw POST data. It is a less memory
> >>> intensive alternative to $HTTP_RAW_POST_DATA and does not need any
> >>> special php.ini directives. php://input is not available with
> >>> enctype="multipart/form-data".
>
> >>> Do perl have an equivalent for this?
>
> >> Are you familiar with the CGI module?
> >> Are you hitting out-of memory problems?
>
> > I'm somewhat familiar with the CGI and I'm not getting any out-of
> > memory problems.
>
> Sorry, it isn't clear to me why you don't just use CGI normally?
>
>    use strict;
>    use warnings;
>    use CGI;
>    ...
>    my $query = new CGI;
>    ...
>    my $foo = $query->param('foo');
>
> Are you having some specific problem with this?
>
> --
> RGB


Because the source is sending raw xml data without normal key/value
pairs (eg xml=...) over an HTTP POST. I think I found that I can use
$data=param('POSTDATA'); instead of the php line from the OP. The
tests so far seem to be right on point. Does anyone know if this is
safe or if there are problems that might arise using this syntax?

Dave
From: RedGrittyBrick on
On 29/03/2010 16:35, Dave wrote:
> On Mar 29, 11:08 am, RedGrittyBrick<RedGrittyBr...(a)spamweary.invalid>
> wrote:
>> On 29/03/2010 14:57, Dave wrote:
>>
>>
>>
>>> On Mar 29, 9:26 am, RedGrittyBrick wrote:
>>>> On 29/03/2010 13:49, Dave wrote:
>>
>>>>> php://input allows you to read raw POST data. It is a less memory
>>>>> intensive alternative to $HTTP_RAW_POST_DATA and does not need any
>>>>> special php.ini directives. php://input is not available with
>>>>> enctype="multipart/form-data".
>>
>>>>> Do perl have an equivalent for this?
>>
>>>> Are you familiar with the CGI module?
>>>> Are you hitting out-of memory problems?
>>
>>> I'm somewhat familiar with the CGI and I'm not getting any out-of
>>> memory problems.
>>
>> Sorry, it isn't clear to me why you don't just use CGI normally?
>>
>> use strict;
>> use warnings;
>> use CGI;
>> ...
>> my $query = new CGI;
>> ...
>> my $foo = $query->param('foo');
>>
>> Are you having some specific problem with this?
>
>
> Because the source is sending raw xml data without normal key/value
> pairs (eg xml=...) over an HTTP POST. I think I found that I can use
> $data=param('POSTDATA'); instead of the php line from the OP. The
> tests so far seem to be right on point. Does anyone know if this is
> safe or if there are problems that might arise using this syntax?

According to the documentation that is the correct function/method to
call for XML payloads such as yours
http://perldoc.perl.org/CGI.html#HANDLING-NON-URLENCODED-ARGUMENTS

I'd feed the resulting $data string into one of Perl's XML parsing
routines to see if it is well-formed. If you have the XML schema, you
can validate your $data against the schema using modules such as
XML::Validator::Schema.

Is this not what you meant by "safe" and "problems"? What sort of safety
do you seek? What sort of problems do you fear? Are you worried about
characters sets and encodings?

--
RGB
From: Dave on
On Mar 29, 11:50 am, RedGrittyBrick <RedGrittyBr...(a)spamweary.invalid>
wrote:
> On 29/03/2010 16:35, Dave wrote:
>
>
>
> > On Mar 29, 11:08 am, RedGrittyBrick<RedGrittyBr...(a)spamweary.invalid>
> > wrote:
> >> On 29/03/2010 14:57, Dave wrote:
>
> >>> On Mar 29, 9:26 am, RedGrittyBrick wrote:
> >>>> On 29/03/2010 13:49, Dave wrote:
>
> >>>>> php://input allows you to read raw POST data. It is a less memory
> >>>>> intensive alternative to $HTTP_RAW_POST_DATA and does not need any
> >>>>> special php.ini directives. php://input is not available with
> >>>>> enctype="multipart/form-data".
>
> >>>>> Do perl have an equivalent for this?
>
> >>>> Are you familiar with the CGI module?
> >>>> Are you hitting out-of memory problems?
>
> >>> I'm somewhat familiar with the CGI and I'm not getting any out-of
> >>> memory problems.
>
> >> Sorry, it isn't clear to me why you don't just use CGI normally?
>
> >>     use strict;
> >>     use warnings;
> >>     use CGI;
> >>     ...
> >>     my $query = new CGI;
> >>     ...
> >>     my $foo = $query->param('foo');
>
> >> Are you having some specific problem with this?
>
> > Because the source is sending raw xml data without normal key/value
> > pairs (eg xml=...) over an HTTP POST.  I think I found that I can use
> > $data=param('POSTDATA'); instead of the php line from the OP.  The
> > tests so far seem to be right on point.  Does anyone know if this is
> > safe or if there are problems that might arise using this syntax?
>
> According to the documentation that is the correct function/method to
> call for XML payloads such as yourshttp://perldoc.perl.org/CGI.html#HANDLING-NON-URLENCODED-ARGUMENTS
>
> I'd feed the resulting $data string into one of Perl's XML parsing
> routines to see if it is well-formed. If you have the XML schema, you
> can validate your $data against the schema using modules such as
> XML::Validator::Schema.
>
> Is this not what you meant by "safe" and "problems"? What sort of safety
> do you seek? What sort of problems do you fear? Are you worried about
> characters sets and encodings?
>
> --
> RGB


I guess I was right on the money! :) I was just interested in
knowing if someone knew of a better way or could provide known issues
with that way of parsing raw data. Thanks for everyones help.

Dave
From: Dr.Ruud on
RedGrittyBrick wrote:

> my $query = new CGI;

ITYM:

my $cgi = CGI::->new();

--
Ruud