I am using the CGI module and can get access to the POST & GET
variables
use CGI;
#create new cgi
my $m_cgi = new CGI;
#put cgi data into hash
my %m_cgi_data = $m_cgi->Vars;
What I would like todo is find some way of knowing whether a variable
is from a GET or a POST as for one form I would like to ignore GET's
Is this possible using cgi.pm?
I suspect that what you really want to know is whether a given request
is the result of a GET or a POST. A variable doesn't come from a GET or
a POST, it comes from a URL or a form. It is perfectly valid (although
little used) to do this in a form:
<form method="POST" action="test.cgi?this=hello">
<input type="hidden" name="that" value="world">
</form>
In the above, two variables are submitted, one via the URL and the other
via the form. param() returns both, url_param only returns the first.
Of course, a quesy submitted by someone typing in an URL can only
contain URL parameters. If you want to catch that, then you need to
check request_method(), which will contain either 'GET' or 'POST'.
OTOH, a person can copy an entire form into a local .HTML file and
change all of the input fields to 'hidden' with default values. A bit
of Javascript can even launch the request as soon as the file is opened,
allowing someone to send a query without passing through your website.
The only way to (mostly) prevent that is to examine the HTTP-Referrer
header to see where a request originated (but there are ways to spoof
that as well).