We’re going to return now to the subject of CGI scripting, in order to create a guestbook script so that visitors to our web site can leave a pithy comment for others to read. Although some people view web guestbooks as vain and silly, I’ve chosen to present one here for two reasons. First, plenty of people (myself included) think the Web’s greatest possibilities lie in the area of fostering two-way communication, and a guestbook is a nice (albeit simple) step in that direction. Second, a guestbook script will let us look at two issues that are very important to web programmers.

The first issue involves how to safely handle untrusted data. Letting outside users submit data that will be stored in a file on the web server and displayed to other visitors to our site creates several security-related problems. Fortunately, Perl has a feature called tainting that is very helpful in combating those problems.

The second issue involves multiple users trying to update the same data at the same time. In this chapter we’ll see how to use something called file locking to solve that problem.

The Guestbook Script

The flowchart in Figure 12-1 shows the sequence of actions that our guestbook script, guestbook.cgi, will take.

Figure 12-1. The sequence of actions taken by the guestbook.cgi script

As the flowchart shows, the program begins by printing the top of the ...