CSCI 4230
Internet Applicaiton Development
Fall 2000
Suugested Solution to Homework #5

(1)    For example:

use strict;
use URI::Escape;
use CGI qq(:standard);

#    preview.pl
#    by K. Yue August 25, 2000
#    A Perl program to preview and sbumit HTML and plain text message post.

#    Getting user parameters.
my $name = param("name");
my $subject = param("subject");
my $comment = param("comment");
my $submit = param("submit");
my $preview = param("preview");
my $postmode = param("postmode");

#    Process parameters.
if ($submit) {
    if ($preview) {
        showPreviewPage($name, $subject, $comment, $postmode);
    }
    else {
        showSubmissionPage($name, $subject, $comment, $postmode);
    }
}
else {
    showInitialPage();
}
exit 0;
#    End of main

#    No user input.  Show the initial page for accepting
#    message posting.
sub showInitialPage {
    print header,
          start_html("Message Posting"),
          h2("Post Your Comments"),
          formString("","","","html"),
          end_html;
}    #    showInitialPage

# Show the preview page.
sub showPreviewPage {
    my ($name, $subject, $comment, $postmode) = @_;
    #    Input fields converted to HTML format for display.
    my ($htmlName, $htmlSubject, $htmlComment) = convertToHTML($name, $subject, $comment, $postmode);
    #    Convert & to & for display within comment textarea.
    $comment =~ s/&/&/gi;

    #    Print the preview page.
    print header,
          start_html("Preview of Posting"),
          h2("Message Posting Preview"),
          "The message: ",
          p,
          "<div style=\"background-color:#ccccff\">",
          "<strong>Name: $htmlName<br>Subject: $htmlSubject</strong><p>",
          "$htmlComment</div>",
          p,
          formString($name, $subject, $comment, $postmode),
          end_html;
}    #    showPreviewPage

sub showSubmissionPage {
    my ($name, $subject, $comment, $postmode) = @_;
    #    Input fields converted to HTML format for display.
    my ($htmlName, $htmlSubject, $htmlComment) = convertToHTML($name, $subject, $comment, $postmode);

    #    Print the submission page.
    print header,
          start_html("Message Posting"),
          h2("Message Posting"),
          "Thank you for posting the following message:",
          p,
          "<div style=\"background-color:#ccffff\">",
          "<strong>Name: $htmlName<br>Subject: $htmlSubject<br>Date: " . (localtime) . "</strong><p>",
          "$htmlComment</div>",
          end_html;

    #    Add code for saving to a database or files here...
}    #    showSubmissionPage

#    Convert a comment string to HTML format for display.
#    Accept only HTML tags as specified by $ACCEPT_TAGS_STRING.
sub convertToHTML {
    my ($name, $subject, $comment, $postmode) = @_;
    #    Acceptable HTML tags.
    my $ACCEPT_TAGS_STRING = "a|b|blockquote|br|center|font|hr|i|li|ol|p|pre|u|ul";
    #    Output variables
    my ($htmlName, $htmlSubject, $htmlComment) = ($name, $subject, $comment);

    #    Convert < to &lt; and & to &amp; for $htmlName and $htmlSubject
    $htmlName =~ s/&/&amp;/gi;
    $htmlName =~ s/</&lt;/gi;
    $htmlSubject =~ s/&/&amp;/gi;
    $htmlSubject =~ s/</&lt;/gi;

    #    Convert comment
    if ($postmode eq "html") {
        $htmlComment =~ s/</&lt;/gi;
        $htmlComment =~ s/&lt;($ACCEPT_TAGS_STRING)([ >\/])/<\1\2/gi;
        $htmlComment =~ s/&lt;\/($ACCEPT_TAGS_STRING)>/<\/\1>/gi;
    }
    else {    #    Mode is plain text.
        $htmlComment =~ s/&/&amp;/gi;
        $htmlComment =~ s/</&lt;/gi;
        $htmlComment = "<pre>" . $htmlComment . "</pre>";
    }

    ($htmlName, $htmlSubject, $htmlComment);
}    #    ConvertToHTML

#    Return the string of a HTML form to accept message posting.
sub formString {
    my ($name, $subject, $comment, $postmode) = @_;
    my $textSelected = "";
    my $htmlSelected = "";

    if ($postmode eq "text") {
        $textSelected = "selected ";
    }
    else {    #    mode is HTML
        $htmlSelected = "selected ";
    }

    return <<_END_FORM;
<form method="POST" name="CommentEntry">
<input type="HIDDEN" value="1" name="preview" />
<table width="80%" border="0" cellpadding="5" cellspacing="0">
<tr>
<td>
<strong>Name:&nbsp;&nbsp;</strong><input type="TEXT" name="name"
maxlength="100" size="60" value="$name" />
</td>
</tr>

<tr>
<td>
<strong>Subject:&nbsp;&nbsp;</strong><input type="TEXT" name="subject"
maxlength="100" size="60" value="$subject" />
</td>
</tr>

<tr>
<td>
<textarea ID="comment" name="comment" cols="60" rows="12"  style="width:
100%;">$comment</textarea>
</td>
</tr>

<tr>
<td>
<em>Allowed HTML:  &lt;a&gt; &lt;b&gt; &lt;blockquote&gt; &lt;br&gt;
&lt;center&gt; &lt;font&gt; &lt;hr&gt; &lt;i&gt; &lt;li&gt; &lt;ol&gt;
&lt;p&gt; &lt;pre&gt; &lt;u&gt; &lt;ul&gt;</em>
</td>
</tr>

<tr>
<td>
<input type="SUBMIT" name="submit" onclick="this.form.preview.value = 1;"
value="Preview" />
<input type="SUBMIT" name="submit" onclick="this.form.preview.value = 0;"
value="Submit" />

Posted as:
<select name="postmode">
<option value="text" $textSelected/>plain text
<option value="html" $htmlSelected/>HTML
</SELECT>
</td>
</tr>
</table>
</form>
_END_FORM
}    #    formString