Bitte um kurzes Review von Tom23, 05.02.2008 17:47

Bitte um kurzes Review

Tom23 05.02.2008 17:47

perl

Hi Leute!

Ich habe früher viele Webandwendungen mit ASP gemacht und möchte nun privat auf Perl umsteigen. Doch leider habe ich von Perl und CGI noch nicht so viel Ahnung. Nichts desto trotz habe ich einen netten 40-Zeiler zusammen bekommen, der mir viel Freude bereitet. Es handelt sich um ein Skript, welches mittels XSLT einen Atom-Feed in XHTML transformiert.

Könntet ihr euch den Code mal anschauen und mir Verbesserungsvorschläge geben? Besonders im Hinblick auf die Sicherheit, da ich das Skript bald einmal ins Internet stellen möchte.

MfG & vielen Dank

Tom23

PS: Den überlangen Kommentar habe ich am Schluss angehängt.

#!/usr/bin/perl -w

Load modules

use strict;
use CGI qw(standard);
use CGI::Carp qw(fatalsToBrowser);

Set configuration constants

use constant FEED => '../RealWorld/xhtml/news.xml';
use constant FEED2XHTML => '../RealWorld/feed_atom.xsl';
use constant XHTMLTEMPLATE => '../RealWorld/template.xsl';
use constant PLAINCACHE => 'feed.tmp';

Initialize variables

my $cgi = new CGI or die('Error while initializing CGI');
my $xslt_param_plain = ' --novalid --nonet';
my $xslt_param = $xslt_param_plain;
my $id = $cgi->param('id');
my $cat = $cgi->param('c');
my $mode = $cgi->param('m');

Filter parameters

$id = ($id and $id =~ /^\d$/) ? $id : undef;
$cat = ($cat and $cat =~ /^\w+?$/) ? $cat : undef;
$mode = ($mode and $mode =~ /^\w+?$/) ? $mode : undef;

Compose xsltproc parameters

$xslt_param .= " --param entry $id" if ($id);
$xslt_param .= " --stringparam category "$cat"" if ($cat);
$xslt_param .= " --stringparam param "m=$mode"" if ($mode);

Transform the feed

if ($mode and $mode eq 'raw') {
print "Content-type: text/xml\n\n";
system('cat '.FEED);
} else {
print "Content-type: text/html\n\n";
system("/usr/bin/xsltproc $xslt_param ".FEED2XHTML.' '.FEED.'>'.PLAINCACHE);
if ($mode and $mode eq 'plain') {
system('cat ' . PLAINCACHE);
} else {
system("/usr/bin/xsltproc $xslt_param_plain ".XHTMLTEMPLATE.' '.PLAINCACHE);
}
}

END OF SCRIPT

###############################################################################

File: feed.cgi

Version: 0.4 Beta

###############################################################################

Vision

From the MCV perspective, this is a simple control that calles several views

(XSL stylesheets) to display a specific data model (Atom feeds).

It should be simple but secure and as reusable as possible.

###############################################################################

Manual

This script can be used to deliver Atom feeds in a flexible way. It uses

xsltproc and a couple of XSL stylesheets to tranform a feed into plain or

completly layouted XHTML.

You can also choose a single entry or only a category of entries, but

this is handled by the XSL stylesheet. We only need to pass the correct

parameters to xsltproc. Have a look at the parameters and their descriptions.

ID : Summary vs. Single Entry

- ?id=1 Returns the entry which's atom:id ends with 'id=1'.

# Without any id parameter you'll see a summary (no atom:content).

Mode : Enhanced, plain XHTML or raw Atom

- Enhanced XHTML is the default mode.

- ?m=plain Returns a minimalistic XHTML version

- ?m=raw Returns the atom feed without any transformation.

# Not even id or category filtering is done.

Category : Whatever your feed knows

- ?c=News This filters the feed for entries with the category term set

# to "News" and returns a summary. This only has an effect without
# an ID given.
###############################################################################

Setup

0. You'll need a working CGI environment and xsltproc

1. Create the PLAINCACHE file and make it modifyable by the webserver

2. Place stylesheets and the feed on the server

4. Adjust the configuration constants in this script

5. Place this script in your CGI folder and make it executable

6. Check if everything works fine.

###############################################################################

Release History

0.4 Summaries by category and fixed ID filtering (in feed_atom.xsl)

0.3 Implements summary and sinle entry views (ID)

0.2 Choose between raw Atom or plain and enhanced XHTML

0.1 Transformation from Atom to plain XHTML works

###############################################################################

Future Releases

0.5 External code audit and Atom/XHTML validation

0.6 Choose from several atom feeds (maybe aggregateable)

0.7 Usable from outside of CGI (shell), check cache date before retransform

0.8 Transform other feed formats (RSS Version x.y)

0.9 Try to hack it (heavy research required)

1.0 Remove debugging stuff and make it open to the public

###############################################################################

Beitrag melden

– Informationen zu den Bewertungsregeln

Tom23: Bitte um kurzes Review

Beitrag lesen

Load modules

Set configuration constants

Initialize variables

Filter parameters

Compose xsltproc parameters

Transform the feed

END OF SCRIPT

File: feed.cgi

Version: 0.4 Beta

Vision

From the MCV perspective, this is a simple control that calles several views

(XSL stylesheets) to display a specific data model (Atom feeds).

It should be simple but secure and as reusable as possible.

Manual

This script can be used to deliver Atom feeds in a flexible way. It uses

xsltproc and a couple of XSL stylesheets to tranform a feed into plain or

completly layouted XHTML.

You can also choose a single entry or only a category of entries, but

this is handled by the XSL stylesheet. We only need to pass the correct

parameters to xsltproc. Have a look at the parameters and their descriptions.

ID : Summary vs. Single Entry

- ?id=1 Returns the entry which's atom:id ends with 'id=1'.

Mode : Enhanced, plain XHTML or raw Atom

- Enhanced XHTML is the default mode.

- ?m=plain Returns a minimalistic XHTML version

- ?m=raw Returns the atom feed without any transformation.

Category : Whatever your feed knows

- ?c=News This filters the feed for entries with the category term set

Setup

0. You'll need a working CGI environment and xsltproc

1. Create the PLAINCACHE file and make it modifyable by the webserver

2. Place stylesheets and the feed on the server

4. Adjust the configuration constants in this script

5. Place this script in your CGI folder and make it executable

6. Check if everything works fine.

Release History

0.4 Summaries by category and fixed ID filtering (in feed_atom.xsl)

0.3 Implements summary and sinle entry views (ID)

0.2 Choose between raw Atom or plain and enhanced XHTML

0.1 Transformation from Atom to plain XHTML works

Future Releases

0.5 External code audit and Atom/XHTML validation

0.6 Choose from several atom feeds (maybe aggregateable)

0.7 Usable from outside of CGI (shell), check cache date before retransform

0.8 Transform other feed formats (RSS Version x.y)

0.9 Try to hack it (heavy research required)

1.0 Remove debugging stuff and make it open to the public