[1/4] from: sharriff::aina::med-iq::de at: 4-Oct-2000 8:58
Hi guys! Sorry to bother you with this newbie question: Why does one have to "make object!" after a "decode-cgi" ? just curious... Sharriff Aina med.iq information & quality in healthcare AG Gutenbergstr. 42 41564 Kaarst tel.: 02131-3669-0 fax: 02131-3669-599 www.med-iq.de
[2/4] from: al:bri:xtra at: 4-Oct-2000 2:08
Sharriff Aina wrote:
> Sorry to bother you with this newbie question: > Why does one have to "make object!" after a "decode-cgi" ? just curious...
Actually, one doesn't have to, but it's safer for your software if you so, as you can put arbitrary Rebol code in the cgi url. Putting the results of the decode-cgi in a object minimises the damage the Rebol code can do. Andrew Martin ICQ: 26227169 http://members.nbci.com/AndrewMartin/ http://members.xoom.com/AndrewMartin/
[3/4] from: brett:codeconscious at: 4-Oct-2000 21:25
Though, as noted on an earlier message on this list, doing so means that you will only get one value from a multi-select input. Brett.
[4/4] from: sterling:rebol at: 4-Oct-2000 10:44
It simply makes an easy-access object out of the data: decode-cgi "foo=10&bar=20" == [foo: 10 bar: 20] when you make an object out of it with: cgi: make object! decode-cgi "foo=10&bar=20" you can access the form values like this: cgi/foo == 10 cgi/bar == 20 The reason you might not make an objects is if you have multiple form items on the page with the same name so your cgi query string looks like this: foo=10&bar=20&bar=30 Then if you make an object, you'll only get one value for 'bar. WARNING You can also DO the decoded cgi block and it will set the words to their respective valus. This is neat but remember that any word can come in through cgi so if you do this: do decode-cgi "foo=10&bar=20&read=0" will stomp all over the word 'read... not a good idea. And since you do not have control over what somebody could hack pu and send in to you cgi program it is not generally a good idea to DO the decode-cgi block. WARNING Sterling