just try:
$q->start_form(-method=>"POST");
Jan Eden wrote:
Hi,
I use mod_rewrite to provide simpler URLs for my database-driven site. My document root's .htaccess contains the following line (among others):
RewriteRule pages/([0-9]+) cgi-bin/show.pl?id=$1
It works fine.
But some of my pages are password-protected, such that show.pl calls the following subroutine before granting access:
sub check_user { my ($user_id, $u_input, $p_input, $mode) = @_; my $query = "SELECT user_name, user_password FROM users WHERE user_id = ?"; my $sth = $dbh->prepare($query); $sth->execute($user_id); my ($user_name, $user_password) = $sth->fetchrow_array; $sth->finish(); return 1 if $u_input eq $user_name && $p_input eq $user_password; print $q->header(-type=>'text/html', -charset=>'utf-8', -expires => "-1d"), $page_head; print $q->h1("Identification"), $q->start_form(), qq{<p>Benutzer<br />}, $q->textfield("user_name"), "</p>", qq{<p>Passwort:<br />}, $q->password_field("user_password"), "</p>", $q->hidden("id", "$id"), $q->submit; return 0; }
As you can see, if the username/password are entered correctly, show.pl is called again with three parameters (id, username and password).
Unfortunately, the browser's address bar then changes to (e.g.)
http://mysite.com/pages/1234?id=1234
The page is displayed correctly.
But why is the query string added? The form's default method should be post, and the username/password are not displayed in the query string.
Thanks,
Jan
-- Vladimir D Belousov HiTech solutions for business http://businessreklama.ru
-- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
