Many basic web applications can be created that output only email and web documents. However, if you begin building larger web applications, you will eventually need to store data and retrieve it later. This chapter will discuss various ways to do this with different levels of complexity. Text files are the simplest way to maintain data, but they quickly become inefficient when the data becomes complex or grows too large. A DBM file provides much faster access, even for large amounts of data, and DBM files are very easy to use with Perl. However, this solution is also limited when the data grows too complex. Finally, we will investigate relational databases. A relational database management system (RDBMS) provides high performance even with complex queries. However, an RDBMS is more complicated to set up and use than the other solutions.
Applications evolve and grow larger. What may start out as a short, simple CGI script may gain feature upon feature until it has grown to a large, complex application. Thus, when you design web applications, it is a good idea to develop them so that they are easily expandable.
One solution is to make your solutions modular. You should try to abstract the code that reads and writes data so the rest of the code does not know how the data is stored. By reducing the dependency on the data format to a small chunk of code, it becomes easier to change your data format as you need to grow.
One of Perl’s greatest strengths is its ability to parse text, and this makes it especially easy to get a web application online quickly using text files as the means of storing data. Although it does not scale to complex queries, this works well for small amounts of data and is very common for Perl CGI applications. We’re not going to discuss how to use text files with Perl, since most Perl programmers are already proficient at that task. We’re also not going to look at strategies like creating random access files to improve performance, since that warrants a lengthy discussion, and a DBM file is generally a better substitute. We’ll simply look at the issues that are particular to using text files with CGI scripts.
If you write to any files from a CGI script, then you must use some form of file locking. Web servers support numerous concurrent connections, and if two users try to write to the same file at the same time, the result is generally corrupted or truncated data.
If your system supports it, using the
flock
command is the easiest way to do this.
How do you know if your system supports flock?
Try it: flock will die with a fatal error if
your system does not support it. However, flock
works reliably only on local files; flock does
not work across most NFS systems, even if your system
otherwise supports it.[19]
flock offers two different modes of
locking:
exclusive and shared. Many processes can
read from a file simultaneously without problems, but only one
process should write to the file at a time (and no other process
should read from the file while it is being written). Thus, you
should obtain an exclusive lock on a file when writing to it and a
shared lock when reading from it. The shared lock verifies that no
one else has an exclusive lock on the file and delays any exclusive
locks until the shared locks have been released.
To use flock, call it with a
filehandle to an open file and a
number indicating the type of lock you want. These numbers are
system-dependent, so the easiest way to get them is to use the
Fcntl
module. If you supply the :flock argument to
Fcntl, it will export LOCK_EX, LOCK_SH, LOCK_UN, and LOCK_NB for you.
You can use them as follows:
use Fcntl ":flock"; open FILE, "some_file.txt" or die $!; flock FILE, LOCK_EX; # Exclusive lock flock FILE, LOCK_SH; # Shared lock flock FILE, LOCK_UN; # Unlock
Closing a filehandle releases any locks, so there is generally no
need to specifically unlock a file. In fact, it can be dangerous to
do so if you are locking a filehandle that uses
Perl’s tie
mechanism. See file locking in the DBM section of this chapter for
more information.
Some systems do not support shared file locks and use exclusive locks
for them instead. You can use the script in Example 10.1 to test what flock
supports on your system.
Example 10-1. flock_test.pl
#!/usr/bin/perl -wT
use IO::File;
use Fcntl ":flock";
*FH1 = new_tmpfile IO::File or die "Cannot open temporary file: $!
";
eval { flock FH1, LOCK_SH };
$@ and die "It does not look like your system supports flock: $@
";
open FH2, ">>&FH1" or die "Cannot dup filehandle: $!
";
if ( flock FH2, LOCK_SH | LOCK_NB ) {
print "Your system supports shared file locks
";
}
else {
print "Your system only supports exclusive file locks
";
}If you need to both read and write to a file, then you have two options: you can open the file exclusively for read/write access, or if you only have to do limited writing and what you’re writing does not depend on the contents of the file, you can open and close the file twice: once shared for reading and once exclusive for writing. This is generally less efficient than opening the file once, but if you have lots of processes needing to access the file that are doing lots of reading and little writing, it may be more efficient to reduce the time that one process is tying up the file while holding an exclusive lock on it.
Typically when you use flock to lock a file, it
halts the execution of your script until it can
obtain a lock on your file. The LOCK_NB option tells
flock that you do not want it to block
execution, but allow your script to continue if it cannot obtain a
lock. Here is one way to time out if you cannot obtain a lock on a
file:
my $count = 0;
my $delay = 1;
my $max = 15;
open FILE, ">> $filename" or
error( $q, "Cannot open file: your data was not saved" );
until ( flock FILE, LOCK_EX | LOCK_NB ) {
error( $q, "Timed out waiting to write to file: " .
"your data was not saved" ) if $count >= $max;
sleep $delay;
$count += $delay;
}In this example, the code tries to get a lock. If it fails, it waits a second and tries again. After fifteen seconds, it gives up and reports an error.
If your system does not support flock, you will need to manually create your own lock files. As the Perl FAQ points out (see perlfaq5 ), this is not as simple as you might think. The problem is that you must check for the existence of a file and create the file as one operation. If you first check whether a lock file exists, and then try to create one if it does not, another process may have created its own lock file after you checked, and you just overwrote it.
To create your own lock file, use the following command:
use Fcntl;
.
.
.
sysopen LOCK_FILE, "$filename.lock", O_WRONLY | O_EXCL | O_CREAT, 0644
or error( $q, "Unable to lock file: your data was not saved" ):The O_EXCL function provided by Fcntl tells the system to open the file only if it does not already exist. Note that this will not reliably work on an NFS filesystem.
In order to create or update a text file, you must have the appropriate permissions. This may sound basic, but it is a common source of errors in CGI scripts, especially on Unix filesystems. Let’s review how Unix file permissions work.
Files have both an owner and a group. By default, these match the user and group of the user or process who creates the file. There are three different levels of permissions for a file: the owner’s permissions, the group’s permissions, and everyone else’s permissions. Each of these may have read access, write access, and/or execute access for a file.
Your CGI scripts can only modify a file if nobody (or the user your web server runs as) has write access to the file. This occurs if the file is writable by everyone, if it is writable by members of the file’s group and nobody is a member of that group, or if nobody owns the file and the file is writable by its owner.
In order to create or remove a file, nobody must have write permission to the directory containing the file. The same rules about owner, group, and other users apply to directories as they do for files. In addition, the execute bit must be set for the directory. For directories, the execute bit determines scan access, which is the ability to change to the directory.
Even though your CGI script may not modify a file, it may be able to replace it. If nobody has permission to write to a directory, then it can remove files in the directory in addition to creating new files, even with the same name. Write permissions on the file do not typically affect the ability to remove or replace the file as a whole.
Your CGI scripts may need to create temporary files for a number of reasons. You can reduce memory consumption by creating files to hold data as you process it; you gain efficiency by sacrificing performance. You may also use external commands that perform their actions on text files.
Typically, temporary files are anonymous; they are created by opening a handle to a new file and then immediately deleting the file. Your CGI script will continue to have a filehandle to access the file, but the data cannot be accessed by other processes, and the data will be reclaimed by the filesystem once your CGI script closes the filehandle. (Not all systems support this feature.)
As for most common tasks, there is a Perl module that makes managing
temporary files much simpler.
IO::File will create anonymous
temporary files for you with the new_tmpfile
class method; it takes no arguments. You can use it like
this:[20]
use IO::File; . . . my $tmp_fh = new_tmpfile IO::File;
You can then read and write to
$tmp_fh
just as you would any other filehandle:
print $tmp_fh "</html>
";
seek $tmp_fh, 0, 0;
while (<$tmp_fh>) {
print;
}Another option is to create a file and delete it when you are finished with it. One advantage is that you have a filename that can be passed to other processes and functions. Also, using the IO::File module is considerably slower than managing the file yourself. However, using named temporary files has two drawbacks. First, greater care must be taken choosing a unique filename so that two scripts will not attempt to use the same temporary file at the same time. Second, the CGI script must delete the file when it is finished, even if it encounters an error and exits prematurely.
The Perl FAQ suggests using the
POSIX module to generate a temporary
filename and an END block to ensure it will be
cleaned up:
use Fcntl;
use POSIX qw(tmpnam);
.
.
.
my $tmp_filename;
# try new temporary filenames until we get one that doesn't already
# exist; the check should be unnecessary, but you can't be too careful
do { $tmp_filename = tmpnam( ) }
until sysopen( FH, $tmp_filename, O_RDWR|O_CREAT|O_EXCL );
# install atexit-style handler so that when we exit or die,
# we automatically delete this temporary file
END { unlink( $tmp_filename ) or die "Couldn't unlink $tmp_filename: $!" }If your system doesn’t support POSIX, then you will have to create the file in a system-dependent fashion instead.
If you need to include multiple fields of data in each line of your text file, you will likely use delimiters to separate them. Another option is to create fixed-length records, but we won’t get into these files here. Common characters to use for delimiting files are commas, tabs, and pipes (|).
Commas are primarily used in CSV files, which we will discuss presently. CSV files can be difficult to parse accurately because they can include non-delimiting commas as part of a value. When working with CSV files, you may want to consider the DBD::CSV module; this gives you a number of additional benefits, which we will discuss shortly.
Tabs are not generally included within data, so they make convenient delimiters. Even so, you should always check your data and encode or remove any tabs or end-of-line characters before writing to your file. This ensures that your data does not become corrupted if someone happens to pass a newline character in the middle of a field. Remember, even if you are reading data from an HTML form element that would not normally accept a newline character as part of it, you should never trust the user or that user’s browser.
Here is an example of functions you can use to encode and decode data:
sub encode_data {
my @fields = map {
s/\/\\/g;
s/ /\t/g;
s/
/\n/g;
s/
/\r/g;
$_;
} @_;
my $line = join " ", @fields;
return "$line
";
}
sub decode_data {
my $line = shift;
chomp $line;
my @fields = split / /, $line;
return map {
s/\(.)/$1 eq 't' and " " or
$1 eq 'n' and "
" or
$1 eq 'r' and "
" or
"$1"/eg;
$_;
} @fields;
}These functions encode tabs and end-of-line characters with the
common escape characters that Perl and
other languages use ( ,
,
and
). Because it is introducing additional
backslashes as an escape character, it must also escape the
backslash character.
The encode_data sub takes a list of fields and
returns a single encoded scalar that can be written to the file;
decode_data takes a line read from the file and
returns a list of decoded fields. You can use them as shown in Example 10.2.
Example 10-2. sign_petition.cgi
#!/usr/bin/perl -wT
use strict;
use Fcntl ":flock";
use CGI;
use CGIBook::Error;
my $DATA_FILE = "/usr/local/apache/data/tab_delimited_records.txt";
my $q = new CGI;
my $name = $q->param( "name" );
my $comment = substr( $q->param( "comment" ), 0, 80 );
unless ( $name ) {
error( $q, "Please enter your name." );
}
open DATA_FILE, ">> $DATA_FILE" or die "Cannot append to $DATA_FILE: $!";
flock DATA_FILE, LOCK_EX;
seek DATA_FILE, 0, 2;
print DATA_FILE encode_data( $name, $comment );
close DATA_FILE;
print $q->header( "text/html" ),
$q->start_html( "Our Petition" ),
$q->h2( "Thank You!" ),
$q->p( "Thank you for signing our petition. ",
"Your name has been been added below:" ),
$q->hr,
$q->start_table,
$q->Tr( $q->th( "Name", "Comment" ) );
open DATA_FILE, $DATA_FILE or die "Cannot read $DATA_FILE: $!";
flock DATA_FILE, LOCK_SH;
while (<DATA_FILE>) {
my @data = decode_data( $_ );
print $q->Tr( $q->td( @data ) );
}
close DATA_FILE;
print $q->end_table,
$q->end_html;
sub encode_data {
my @fields = map {
s/\/\\/g;
s/ /\t/g;
s/
/\n/g;
s/
/\r/g;
$_;
} @_;
my $line = join " ", @fields;
return $line . "
";
}
sub decode_data {
my $line = shift;
chomp $line;
my @fields = split / /, $line;
return map {
s/\(.)/$1 eq 't' and " " or
$1 eq 'n' and "
" or
$1 eq 'r' and "
" or
"$1"/eg;
$_;
} @fields;
}Note that organizing
your code this way gives you another
benefit. If you later decide you want to change the format of your
data, you do not need to change your entire
CGI script, just the
encode_data and decode_data
functions.
As we mentioned at the beginning of this chapter, it’s great to modularize your code so that changing the data format affects only a small chunk of your application. However, it’s even better if you don’t have to change that chunk either. If you are creating a simple application that you expect to grow, you may want to consider developing your application using CSV files. CSV (comma separated values) files are text files formatted such that each line is a record, and fields are delimited by commas. The advantage to using CSV files is that you can use Perl’s DBI and DBD::CSV modules, which allow you to access the data via basic SQL queries just as you would for an RDBMS. Another benefit of CSV format is that it is quite common, so you can easily import and export it from other applications, including spreadsheets like Microsoft Excel.
There are drawbacks to developing with CSV files. DBI adds a layer of complexity to your application that you would not otherwise need if you accessed the data directly. DBI and DBD::CSV also allow you to create only simple SQL queries, and it is certainly not as fast as a true relational database system, especially for large amounts of data.
However, if you need to get a project going, knowing that you will move to an RDBMS, and if DBD::CSV meets your immediate requirements, then this strategy is certainly a good choice. We will look at an example that uses DBD::CSV later in this chapter.
DBM files provide many advantages over text files for database purposes, and because Perl provides such a simple, transparent interface to working with DBM files, they are a popular choice for programming tasks that don’t require a full RDBMS. DBM files are simply on-disk hash tables. You can quickly look up values by key and efficiently update and delete values in place.
To use a DBM file, you must tie a Perl hash to the file using one of the DBM modules. Example 10.3 shows some code that uses the DB_File module to tie a hash to the file user_email.db.
Example 10-3. email_lookup.cgi
#!/usr/bin/perl -wT
use strict;
use DB_File;
use Fcntl;
use CGI;
my $q = new CGI;
my $username = $q->param( "user" );
my $dbm_file = "/usr/local/apache/data/user_email.db";
my %dbm_hash;
my $email;
tie %dbm_hash, "DB_File", $dbm_file, O_RDONLY or
die "Unable to open dbm file $dbm_file: $!";
if ( exists $dbm_hash{$username} ) {
$email = $q->a( { href => "mailto:$dbm_hash{$username}" },
$dbm_hash{$user_name} );
else {
$email = "Username not found";
}
untie %dbm_hash;
print $q->header( "text/html" ),
$q->start_html( "Email Lookup Results" ),
$q->h2( "Email Lookup Results" ),
$q->hr,
$q->p( "Here is the email address for the username you requested: " ),
$q->p( "Username: $username", $q->br,
"Email: $email" ),
$q->end_html;There are many different formats of DBM files, and likewise there are many different DBM modules available. Berkeley DB and GDBM are the most powerful. However, for web development Berkeley DB, and the corresponding DB_File module, is the most popular choice. Unlike GDBM, it provides a simple way for you to lock the database so that concurrent writes do not truncate and corrupt your file.
DB_File supports Version 1.xx functionality for Berkeley DB; Berkeley DB Versions 2.xx and 3.xx add numerous enhancements. DB_File is compatible with these later versions, but it supports only the 1.xx API. Perl support for version 2.xx and later is provided by the BerkeleyDB module. DB_File is much simpler and easier to use, however, and continues to be the more popular option. If Berkeley DB is not installed on your system, you can get it from http://www.sleepycat.com/. The DB_File and BerkeleyDB modules are on CPAN. DB_File is also included in the standard Perl distribution (although it is installed only if Berkeley DB is present).
Using DB_File is quite simple, as we saw earlier. You simply need to
tie a hash to the DBM file you want to use and then you can treat it
like a regular hash. The
tie
function takes at least two
arguments: the hash you want to tie and the name of the DBM module
you are using. Typically, you also provide the name of the DBM file
you want to use and access flags from
Fcntl.
You can also specify the file permission for the new file if you are
creating a file.
Often, you access hash files on a read/write basis. This complicates the code somewhat because of file locking:
use Fcntl;
use DB_File;
my %hash;
local *DBM;
my $db = tie %hash, "DB_File", $dbm_file, O_CREAT | O_RDWR, 0644 or
die "Could not tie to $dbm_file: $!";
my $fd = $db->fd; # Get file descriptor
open DBM, "+<&=$fd" or die "Could not dup DBM for lock: $!"; # Get dup filehandle
flock DBM, LOCK_EX; # Lock exclusively
undef $db; # Avoid untie probs
.
.
# All your code goes here; treat %hash like a normal, basic hash
.
.
untie %hash; # Clears buffers, then saves, closes, and unlocks fileWe use the O_CREAT and O_RDWR
flags imported by Fcntl to indicate that we want to open the DBM file
for read/write access and create the file if it does not exist. If a
new file is created, on Unix systems it is assigned 0644 as its file
permissions (although umask may restrict this
further). If tie succeeds, we store the
resulting DB_File object in
$db
.
The only reason we need $db is to get the file
descriptor of DB_File’s underlying DBM file. By using this, we
can open a read/write filehandle to this file descriptor. Finally,
this gives us a filehandle we can lock with
flock. We then undefine $db.
The reason we clear $db is not just to conserve
RAM. Typically, when you are done working with a tied hash, you
untie
it, just as you would
close a file, and if you do not explicitly
untie it, then Perl automatically does this for
you as soon as all references to the DB_File go out of scope. The
catch is that untie clears only the variable
that it is untying; the DBM file isn’t actually written and
freed until DB_File’s
DESTROY
method is called—when all references to the object have gone
out of scope. In our code earlier, we have two references to this
object: %hash and $db, so in
order for the DBM file to be written and saved, both these references
need to be cleared.
If this is confusing, then don’t worry about the specifics.
Just remember that whenever you get a DB_File object (such as
$db above) in order to do file locking, undefine
it as soon as you have locked the filehandle. Then
untie will act like close
and always be the command that frees your DBM file.
DB_File provides a very simple, efficient solution when you need to store name-value pairs. Unfortunately, if you need to store more complex data structures, you must still encode and decode them so that they can be stored as scalars. Fortunately, another module addresses this issue.
If you look at the bottom of the Perl manpage, you will see that the three great virtues of a programmer are laziness, impatience, and hubris. MLDBM is all about laziness, but in a virtuous way. With MLDBM, you don’t have to worry about encoding and decoding your Perl data in order to fit the confines of your storage medium. You can just save and retrieve it as Perl.
MLDBM turns another DBM like DB_File into a multilevel DBM that is not restricted to simple key-value pairs. It uses a serializer to convert complex Perl structures into a representation that can be stored and deserialized back into Perl again. Thus, you can do things like this:
# File locking omitted for brevity
tie %hash, "MLDBM", $dbm_file, O_CREAT | O_RDWR, 0644;
$hash{mary} = {
name => "Mary Smith",
position => "Vice President",
phone => [ "650-555-1234", "800-555-4321" ],
email => '[email protected]',
};Later, you can retrieve this information directly:
my $mary = $hash{mary};
my $position = $mary->{position};Note that because MLDBM is so transparent it will allow you to ignore the fact that data is stored in name-value pairs:
my $work_phone = $hash{mary}{phone}[1];However, be careful because this only works when you are reading, not when you are writing. You must still write the data as a key-value pair. This will silently fail:
$hash{mary}{email} = '[email protected]';You should do this instead:
my $mary = $hash{mary}; # Get a copy of Mary's record
$mary{email} = '[email protected]'; # Modify the copy
$hash{mary} = $mary; # Write the copy to the hashMLDBM keeps track of blessed objects, so it works exceptionally well for storing objects in Perl:
use Employee; my $mary = new Employee( "Mary Smith" ); $mary->position( "Vice President" ); $mary->phone( "650-555-1234", "800-555-4321" ); $mary->email( '[email protected]' ); $hash{mary} = $mary;
and for retrieving them:
use Employee;
my $mary = $hash{mary};
print $mary->email;When retrieving objects, be sure you use the corresponding module (in this case, a fictional module called Employee) before you try to access the data.
MLDBM does have limitations. It cannot store and retrieve filehandles or code references (at least not across multiple CGI requests).
When you use MLDBM, you must tell it which DBM module to use as well as which module to use for serializing and deserializing the data. The options include Storable, Data::Dumper, and FreezeThaw. Storable is the fastest, but Data::Dumper is included with Perl.
When you use MLDBM with DB_File, you can lock the underlying DBM file just like you would with DB_File:
use Fcntl;
use MLDBM qw( DB_File Storable );
my %hash;
local *DBM;
my $db = tie %hash, "MLDBM", $dbm_file, O_CREAT | O_RDWR, 0644 or
die "Could not tie to $dbm_file: $!";
my $fd = $db->fd; # Get file descriptor
open DBM, "+<&=$fd" or die "Could not dup DBM for lock: $!"; # Get dup filehandle
flock DBM, LOCK_EX; # Lock exclusively
undef $db; # Avoid untie probs
.
.
# All your code goes here; treat %hash like a normal, complex hash
.
.
untie %hash; # Clears buffers then saves, closes, and unlocks fileBecause of the sheer number of different database systems that exist, most database vendors have standardized on a query language (SQL) to update as well as access their databases. Before we go any further, let’s look more deeply into how this query language is used to communicate with various database systems.
SQL is the standardized language to access and manipulate data within relational database systems. The original SQL prototype defined a “structured” language, thus the term Structured Query Language, but this is no longer true of the current SQL-92 standard. SQL was designed specifically to be used in conjunction with a primary high-level programming language. In fact, most of the basic constructs that you would find in a high-level language, such as loops and conditionals, do not exist in SQL.
All major commercial relational database systems, such as Oracle, Informix, and Sybase, and many open source databases, such as PostgreSQL, MySQL, and mSQL, support SQL. As a result, the code to access and manipulate a database can be ported easily and quickly to any platform. Let’s look at SQL.
We will start out by discussing how a database is created. Suppose you have the following information:
|
Player |
Years |
Points |
Rebounds |
Assists |
Championships |
|---|---|---|---|---|---|
|
Larry Bird |
12 |
28 |
10 |
7 |
3 |
|
Magic Johnson |
12 |
22 |
7 |
12 |
5 |
|
Michael Jordan |
13 |
32 |
6 |
6 |
6 |
|
Karl Malone |
15 |
26 |
11 |
3 |
0 |
|
Shaquille O’Neal |
8 |
28 |
12 |
3 |
0 |
|
John Stockton |
16 |
13 |
3 |
11 |
0 |
The SQL code to create this database is:
create table Player_Info
(
Player varchar (30) not null,
Years integer,
Points integer,
Rebounds integer,
Assists integer,
Championships integer
);The create table command creates a database, or a table. The Player field is stored as a non-null varying character string. In other words, if the data in the field is less than thirty characters, the database will not pad it with spaces, as it would for a regular character data type. Also, the database forces the user to enter a value for the Player field; it cannot be empty.
The rest of the fields are defined to be integers. Some of the other valid data types include datetime, smallint, numeric, and decimal. The numeric and decimal data types allow you to specify floating-point values. For example, if you want a five-digit floating-point number with a precision to the hundredth place, you can specify decimal (5, 2).
Before we discuss how to obtain data from a database table, we need to discuss how to populate the database in the first place. In SQL, we do this with the insert statement. Say we need to add another player to the database. We could do it this way:
insert into Player_Info
values
('Hakeem Olajuwon', 16, 23, 12, 3, 2);As you can see, it is very simple to insert an element into the table. However, if you have a database with a large number of columns, and you want to insert a row into the table, you can manually specify the columns:
insert into Player_Info
(Player, Years, Points, Rebounds, Assists, Championships)
values
('Hakeem Olajuwon', 10, 27, 11, 4, 2);When used in this context, the order of the fields does not necessarily have to match the order in the database, as long as the fields and the values specified match each other.
The language required for accessing data has a lot more features than what we have discussed so far for simply creating and inserting data into a table. These additional elements make SQL an incredibly rich language for retrieving data once it is stored inside of database tables. We will also see later that updating and deleting data relies on the information in this section in order to determine which rows in a table actually become modified or removed from the database.
Let’s say you want a list of the entire database. You can use the following code:
select *
from Player_Info;The select command retrieves specific information from the database. In this case, all columns are selected from the Player_Info database. The “*” should be used with great caution, especially on large databases, as you might inadvertently extract a lot of information. Notice that we are dealing only with columns, and not rows. For example, if you wanted to list all the players in the database, you could do this:
select Player
from Player_Info;Now, what if you want to list all the players who scored more than 25 points? Here is the code needed to accomplish the task:
select *
from Player_Info
where Points > 25;This would list all the columns for the players who scored more than 25 points:
|
Player |
Years |
Points |
Rebounds |
Assists |
Championships |
|---|---|---|---|---|---|
|
Larry Bird |
12 |
28 |
10 |
7 |
3 |
|
Michael Jordan |
13 |
32 |
6 |
6 |
6 |
|
Karl Malone |
15 |
26 |
11 |
3 |
0 |
|
Shaquille O’Neal |
8 |
28 |
12 |
3 |
0 |
But, say you wanted to list just the Player and Points columns:
select Player, Points
from Player_Info
where Points > 25;Here is an example that returns all the players who scored more than 25 points and won a championship:
select Player, Points, Championships
from Player_Info
where Points > 25
and Championships > 0;The output of this SQL statement would be:
You could also use wildcards in a select command. For example, the following will return all the players that have a last name of “Johnson”:
select *
from Player_Info
where Player like '% Johnson';This will match a string ending with “Johnson”.
Let’s suppose that Shaquille O’Neal won a championship. We need to update our database to reflect this. This is how it can be done:
update Player_Info
set Championships = 1
where Player = 'Shaquille O''Neal';Note the where clause. In order to modify data,
you have to let SQL know what rows will be set to new values. To do
this, we use the same syntax that is used to access data in a table
except that instead of retrieving records, we are just changing them.
Also note that we must escape a single quote by using another single
quote.
SQL also has methods to modify entire columns. After every basketball season, we need to increment the Years column by one:
update Player_Info
set Years = Years + 1;If you wanted to delete “John Stockton” from the database, you could do this:
delete from Player_Info
where Player = 'John Stockton';If you want to delete all the records in the table, the following statement is used:
delete from Player_Info;
And finally, the drop table command deletes the entire database:
drop table Player_Info;
For more information on SQL, see the reference guide on SQL-92 at http://sunsite.doc.ic.ac.uk/packages/perl/db/refinfo/sql2/sql1992.txt.
The DBI module is the most flexible way to link Perl to databases. Applications that use relatively standard SQL calls can merely drop in a new DBI database driver whenever a programmer wishes to support a new database. Nearly all the major relational database engines have a DBI driver on CPAN. Although database-specific modules such as Sybperl and Oraperl still exist, they are being rapidly superseded by the use of DBI for most database tasks.
DBI supports a rich set of features. However, you need to use only a subset in order to accomplish most of what a simple database application requires. This section will cover how to create tables as well as insert, update, delete, and select data in those tables. Finally, we will pull it all together with an example of an address book.
While DBI supports concepts such as bind parameters and stored procedures, the behavior of these features is usually specific to the database they are being used with. In addition, some drivers may support database-specific extensions which are not guaranteed to exist in each database driver implementation. In this section we will focus on covering an overview of DBI features that are universally implemented across all DBI drivers.
In the examples here, we will use the DBD::CSV DBI driver. DBI drivers are preceded with “DBD” (database driver) followed by the actual driver name. In this case, CSV is short for “Comma Separated Value,” otherwise known as a comma-delimited flat text file. The reason the examples use DBD::CSV is that this driver is the simplest in terms of feature availability, and also DBD::CSV does not require you to know how to set up a relational database engine such as Sybase, Oracle, PostgreSQL, or MySQL.
If you are using Perl on Unix, the DBD::CSV driver may be found on CPAN and should be easily compiled for your platform by following the instructions. If you are using Perl on Win32 from ActiveState, we recommend using ActiveState’s PPM (Perl Package Manager) to download the DBD::CSV binaries from the ActiveState package repository for Win32 (refer to Appendix B).
To connect to a DBI database, you need to issue the connect method. A database handle that represents the connection is returned from the connect statement if successful:
use DBI;
my $dbh = DBI->connect("DBI:CSV:f_dir=/usr/local/apache/data/stats")
or die "Cannot connect: " . $DBI::errstr;The use statement tells Perl which library to load for accessing DBI. Finally, the connect statement takes the string that has been passed to it and determines the database driver to load, which in this case is DBD::CSV. The rest of the string contains database driver specific information such as username and password. In the case of DBD::CSV, there is no username and password; we need to specify only a directory where files representing database tables will be stored.
When you are finished with the database handle, remember to disconnect from the database:
$dbh->disconnect;
Database manipulation in DBI is quite simple. All you need to do is pass the create table, insert, update, or delete statement to the do method on the database handle. Immediately, the command will be executed:
$dbh->do( "insert into Player_Info values ('Hakeem Olajuwon', 10, 27, 11, 4, 2)")
or die "Cannot do: " . $dbh->errstr( );Querying a database with DBI involves a few more commands since there are many ways in which you might want to retrieve data. The first step is to pass the SQL query to a prepare command. This will create a statement handle that is used to fetch the results:
my $sql = "select * from Player_Info";
my $sth = $dbh->prepare($sql)
or die "Cannot prepare: " . $dbh->errstr( );
$sth->execute( ) or die "Cannot execute: " . $sth->errstr( );
my @row;
while (@row = $sth->fetchrow_array( )) {
print join(",", @row) . "
";
}
$sth->finish( );Once the prepare command has been issued, the execute command is used to start the query. Since a query expects return results, we use a while loop to get each database record. The fetchrow_array command is used to fetch each row that is returned as an array of fields.
Finally, we clean up the statement handle by issuing the finish method. Note that in most cases we do not have to explicitly call the finish method. It is implicitly called by virtue of the fact that we have retrieved all the results. However, if the logic of your program decided to stop retrieving records before the entire statement had finished being retrieved, then calling finish is necessary in order to flush out the statement handle.
Most companies with an intranet have an online address book for looking up phone numbers and other employee details. Here, we’ll use DBI to implement a full address book against any database that supports SQL.
There are two scripts we need to take a look at. The first is not a web script. It is a simple script that creates the address table for the address book CGI to access:
#!/usr/bin/perl -wT
use strict;
use DBI;
my $dbh = DBI->connect("DBI:CSV:f_dir=/usr/local/apache/data/address_book")
or die "Cannot connect: " . $DBI::errstr;
my $sth = $dbh->prepare(qq`
CREATE TABLE address
(lname CHAR(15),
fname CHAR(15),
dept CHAR(35),
phone CHAR(15),
location CHAR(15))`)
or die "Cannot prepare: " . $dbh->errstr( );
$sth->execute( ) or die "Cannot execute: " . $sth->errstr( );
$sth->finish( );
$dbh->disconnect( );As you can see, this script puts together the DBI concepts of connecting to a database and submitting a table creation command. There is one twist though. Although it was previously demonstrated that the table creation could be accomplished through a simple do method on the database handle, the DBI code we used is similar to the DBI commands used to query a database.
In this case, we prepare the create table statement first, and then execute it as part of a statement handle. Although it is quick and easy to use the single do method, breaking up the code like this allows us to troubleshoot errors at different levels of the SQL submission. Adding this extra troubleshooting code can be very useful in a script that you need to support in production.
The final result is a table called address in
the /usr/local/apache/data/address_book
directory. The address table consists of five fields:
lname (last name), fname (first
name), dept (department),
phone, and location.
The address book CGI script is a self-contained program that displays query screens as well as allows the users to modify the data in the address book in any fashion they like. The default screen consists of a list of form fields representing fields in the database you might wish to query on (see Figure 10.1). If the Maintain Database button is selected, a new workflow is presented to the user for adding, modifying, or deleting address book records (see Figure 10.2).
Here’s the beginning of the code for the address book CGI script:
#!/usr/bin/perl -wT
use strict;
use DBI;
use CGI;
use CGI::Carp qw(fatalsToBrowser);
use vars qw($DBH $CGI $TABLE @FIELD_NAMES @FIELD_DESCRIPTIONS);
$DBH = DBI->connect("DBI:CSV:f_dir=/usr/local/apache/data/address_book")
or die "Cannot connect: " . $DBI::errstr;
@FIELD_NAMES = ("fname", "lname", "phone",
"dept", "location");
@FIELD_DESCRIPTIONS = ("First Name", "Last Name", "Phone",
"Department", "Location");
$TABLE = "address";
$CGI = new CGI( );The use
vars statement declares all the global
variables we will use in the program. Then, we initialize the global
variables for use. First,
$DBH
contains the database handle to be used
throughout the program. Then, @FIELD_NAMES and
@FIELD_DESCRIPTIONS contains a list of the
field names in the database as
well as their descriptive names for display to a user.
@FIELD_NAMES also doubles as a list of what the
form variable names that correspond to database fields will be
called.
$TABLE
simply contains the
table name.
Finally, $CGI
is a CGI object that contains the
information about data that was sent to the CGI script. In this
program, we will make heavy use of the parameters that are sent in
order to determine the logical flow of the program. For example, all
the submit
buttons on a form will be labelled with the prefix
“submit_” plus an action. This will be used to determine
which button was pressed and hence which action we would like the CGI
script to perform.
if ($CGI->param( "submit_do_maintenance" ) ) {
displayMaintenanceChoices( $CGI );
}
elsif ( $CGI->param( "submit_update" ) ) {
doUpdate( $CGI, $DBH );
}
elsif ( $CGI->param( "submit_delete" ) ) {
doDelete( $CGI, $DBH );
}
elsif ( $CGI->param( "submit_add" ) ) {
doAdd( $CGI, $DBH );
}
elsif ( $CGI->param( "submit_enter_query_for_delete" ) ) {
displayDeleteQueryScreen( $CGI );
}
elsif ( $CGI->param( "submit_enter_query_for_update" ) ) {
displayUpdateQueryScreen( $CGI );
}
elsif ( $CGI->param( "submit_query_for_delete" ) ) {
displayDeleteQueryResults( $CGI, $DBH );
}
elsif ( $CGI->param( "submit_query_for_update" ) ) {
displayUpdateQueryResults( $CGI, $DBH );
}
elsif ( $CGI->param( "submit_enter_new_address" ) ) {
displayEnterNewAddressScreen( $CGI );
}
elsif ( $CGI->param( "submit_query" ) ) {
displayQueryResults( $CGI, $DBH );
}
else {
displayQueryScreen( $CGI );
}As we just described, we are using the
$CGI
variable to determine the flow of
control through the CGI script. This big
if
block may look a bit
messy, but the reality is that you only need to go to one spot in
this program to see a description of what the entire program does.
From this if block, we know that the program
deals with displaying the query screen by default, but based on other
parameters may display a
new address screen,
update query screen, delete query screen, and various query result
screens, as well as various data modification result screens.
sub displayQueryScreen {
my $cgi = shift;
print $cgi->header( );
print qq`
<HTML>
<HEAD>
<TITLE>Address Book</TITLE>
</HEAD>
<BODY BGCOLOR = "FFFFFF" TEXT = "000000">
<CENTER>
<H1>Address Book</H1>
</CENTER>
<HR>
<FORM METHOD=POST>
<H3><STRONG>Enter Search criteria: </STRONG></H3>
<TABLE>
<TR>
<TD ALIGN="RIGHT">First Name:</TD>
<TD><INPUT TYPE="text" NAME="fname"></TD>
</TR>
<TR>
<TD ALIGN="RIGHT">Last Name:</TD>
<TD><INPUT TYPE="text" NAME="lname"></TD>
</TR>
<TR>
<TD ALIGN="RIGHT">Phone:</TD>
<TD><INPUT TYPE="text" NAME="phone"></TD>
</TR>
<TR>
<TD ALIGN="RIGHT">Department:</TD>
<TD><INPUT TYPE="text" NAME="dept"></TD>
</TR>
<TR>
<TD ALIGN="RIGHT">Location:</TD>
<TD><INPUT TYPE="text" NAME="location"></TD>
</TR>
</TABLE>
<P>
<INPUT TYPE="checkbox" NAME="exactmatch">
<STRONG> Perform Exact Match</STRONG>
(Default search is case sensitive against partial word matches)
<P>
<INPUT TYPE="submit" name="submit_query" value="Do Search">
<INPUT TYPE="submit" name="submit_do_maintenance" value="Maintain Database">
<INPUT TYPE="reset" value="Clear Criteria Fields">
</FORM>
<P><HR>
</BODY></HTML>
`;
} # end of displayQueryScreen
sub displayMaintenanceChoices {
my $cgi = shift;
my $message = shift;
if ($message) {
$message = $message . "
<HR>
";
}
print $cgi->header( );
print qq`<HTML>
<HEAD><TITLE>Address Book Maintenance</TITLE></HEAD>
<BODY BGCOLOR="FFFFFF">
<CENTER>
<H1>Address Book Maintenance</H1>
<HR>
$message
<P>
<FORM METHOD=POST>
<INPUT TYPE="SUBMIT" NAME="submit_enter_new_address" VALUE="New Address">
<INPUT TYPE="SUBMIT" NAME="submit_enter_query_for_update" VALUE="Update Address">
<INPUT TYPE="SUBMIT" NAME="submit_enter_query_for_delete" VALUE="Delete Address">
<INPUT TYPE="SUBMIT" NAME="submit_nothing" VALUE="Search Address">
</FORM>
</CENTER>
<HR>
</BODY></HTML>`;
} # end of displayMaintenanceChoices
sub displayAllQueryResults {
my $cgi = shift;
my $dbh = shift;
my $op = shift;
my $ra_query_results = getQueryResults($cgi, $dbh);
print $cgi->header( );
my $title;
my $extra_column = "";
my $form = "";
my $center = "";
if ($op eq "SEARCH") {
$title = "AddressBook Query Results";
$center = "<CENTER>";
} elsif ($op eq "UPDATE") {
$title = "AddressBook Query Results For Update";
$extra_column = "<TH>Update</TH>";
$form = qq`<FORM METHOD="POST">`;
} else {
$title = "AddressBook Query Results For Delete";
$extra_column = "<TH>Delete</TH>";
$form = qq`<FORM METHOD="POST">`;
}
print qq`<HTML>
<HEAD><TITLE>$title</TITLE></HEAD>
<BODY BGCOLOR="WHITE">
$center
<H1>Query Results</H1>
<HR>
$form
<TABLE BORDER=1>
`;
print "<TR>$extra_column"
. join("
", map("<TH>" . $_ . "</TH>", @FIELD_DESCRIPTIONS))
. "</TR>
";
my $row;
foreach $row (@$ra_query_results) {
print "<TR>";
if ($op eq "SEARCH") {
print join("
", map("<TD>" . $_ . "</TD>", @$row));
} elsif ($op eq "UPDATE") {
print qq`
<TD ALIGN="CENTER">
<INPUT TYPE="radio" NAME="update_criteria" VALUE="` .
join("|", @$row) . qq`"></TD>
`;
print join("
", map("<TD>" . $_ . "</TD>", @$row));
} else { # delete
print qq`
<TD ALIGN="CENTER">
<INPUT TYPE="radio" NAME="delete_criteria" VALUE="` .
join("|", @$row) . qq`"></TD>
`;
print join("
", map("<TD>" . $_ . "</TD>", @$row));
}
print "</TR>
";
}
print qq"</TABLE>
";
if ($op eq "UPDATE") {
my $address_table = getAddressTableHTML( );
print qq`$address_table
<INPUT TYPE="submit" NAME="submit_update" VALUE="Update Selected Row">
<INPUT TYPE="submit" NAME="submit_do_maintenance" VALUE="Maintain Database">
</FORM>
`;
} elsif ($op eq "DELETE") {
print qq`<P>
<INPUT TYPE="submit" NAME="submit_delete" VALUE="Delete Selected Row">
<INPUT TYPE="submit" NAME="submit_do_maintenance" VALUE="Maintain Database">
</FORM>
`;
} else {
print "</CENTER>";
}
print "</BODY></HTML>
";
}
sub getQueryResults {
my $cgi = shift;
my $dbh = shift;
my @query_results;
my $field_list = join(",", @FIELD_NAMES);
my $sql = "SELECT $field_list FROM $TABLE";
my %criteria = ( );
my $field;
foreach $field (@FIELD_NAMES) {
if ($cgi->param($field)) {
$criteria{$field} = $cgi->param($field);
}
}
# build up where clause
my $where_clause;
if ($cgi->param('exactmatch')) {
$where_clause = join(" and ",
map ($_
. " = ""
. $criteria{$_} . """, (keys %criteria)));
} else {
$where_clause = join(" and ",
map ($_
. " like "%"
. $criteria{$_} . "%"", (keys %criteria)));
}
$where_clause =~ /(.*)/;
$where_clause = $1;
$sql = $sql . " where " . $where_clause if ($where_clause);
my $sth = $dbh->prepare($sql)
or die "Cannot prepare: " . $dbh->errstr( );
$sth->execute( ) or die "Cannot execute: " . $sth->errstr( );
my @row;
while (@row = $sth->fetchrow_array( )) {
my @record = @row;
push(@query_results, @record);
}
$sth->finish( );
return @query_results;
} # end of getQueryResults
sub displayQueryResults {
my $cgi = shift;
my $dbh = shift;
displayAllQueryResults($cgi,$dbh,"SEARCH");
} # end of displayQueryResults
sub displayUpdateQueryResults {
my $cgi = shift;
my $dbh = shift;
displayAllQueryResults($cgi,$dbh,"UPDATE");
} # end of displayUpdateQueryResults
sub displayDeleteQueryResults {
my $cgi = shift;
my $dbh = shift;
displayAllQueryResults($cgi, $dbh, "DELETE");
} # end of displayDeleteQueryResults
sub doAdd {
my $cgi = shift;
my $dbh = shift;
my @value_array = ( );
my @missing_fields = ( );
my $field;
foreach $field (@FIELD_NAMES){
my $value = $cgi->param($field);
if ($value) {
push(@value_array, "'" . $value . "'");
} else {
push(@missing_fields, $field);
}
}
my $value_list = "(" . join(",", @value_array) . ")";
$value_list =~ /(.*)/;
$value_list = $1;
my $field_list = "(" . join(",", @FIELD_NAMES) . ")";
if (@missing_fields > 0) {
my $error_message =
qq`<STRONG> Some Fields (` . join(",", @missing_fields) .
qq`) Were Not
Entered!
Address Not Inserted.
</STRONG>`;
displayErrorMessage($cgi, $error_message);
} else {
my $sql = qq`INSERT INTO $TABLE $field_list VALUES $value_list`;
my $sth = $dbh->prepare($sql)
or die "Cannot prepare: " . $dbh->errstr( );
$sth->execute( ) or die "Cannot execute: " . $sth->errstr( );
$sth->finish( );
displayMaintenanceChoices($cgi,"Add Was Successful!");
}
} # end of doAdd
sub doDelete {
my $cgi = shift;
my $dbh = shift;
my $delete_criteria = $cgi->param("delete_criteria");
if (!$delete_criteria) {
my $error_message =
"<STRONG>You didn't select a record to delete!</STRONG>";
displayErrorMessage($cgi, $error_message);
} else {
my %criteria = ( );
my @field_values = split(/|/, $delete_criteria);
for (1..@FIELD_NAMES) {
$criteria{$FIELD_NAMES[$_ - 1]} =
$field_values[$_ - 1];
}
# build up where clause
my $where_clause;
$where_clause = join(" and ",
map ($_
. " = ""
. $criteria{$_} . """, (keys %criteria)));
$where_clause =~ /(.*)/;
$where_clause = $1;
my $sql = qq`DELETE FROM $TABLE WHERE $where_clause`;
my $sth = $dbh->prepare($sql)
or die "Cannot prepare: " . $dbh->errstr( );
$sth->execute( ) or die "Cannot execute: " . $sth->errstr( );
$sth->finish( );
displayMaintenanceChoices($cgi,"Delete Was Successful!");
}
} # end of doDelete
sub doUpdate {
my $cgi = shift;
my $dbh = shift;
my $update_criteria = $cgi->param("update_criteria");
if (!$update_criteria) {
my $error_message =
"<STRONG>You didn't select a record to update!</STRONG>";
displayErrorMessage($cgi, $error_message);
} else {
# build up set logic
my $set_logic = "";
my %set_fields = ( );
my $field;
foreach $field (@FIELD_NAMES) {
my $value = $cgi->param($field);
if ($value) {
$set_fields{$field} = $value;
}
}
$set_logic = join(", ",
map ($_ . " = "" . $set_fields{$_} . """,
(keys %set_fields)));
$set_logic = " SET $set_logic" if ($set_logic);
$set_logic =~ /(.*)/;
$set_logic = $1;
my %criteria = ( );
my @field_values = split(/|/, $update_criteria);
for (1..@FIELD_NAMES) {
$criteria{$FIELD_NAMES[$_ - 1]} =
$field_values[$_ - 1];
}
# build up where clause
my $where_clause;
$where_clause = join(" and ",
map ($_
. " = ""
. $criteria{$_} . """, (keys %criteria)));
$where_clause =~ /(.*)/;
$where_clause = $1;
my $sql = qq`UPDATE $TABLE $set_logic` .
qq` WHERE $where_clause`;
my $sth = $dbh->prepare($sql)
or die "Cannot prepare: " . $dbh->errstr( );
$sth->execute( ) or die "Cannot execute: " . $sth->errstr( );
$sth->finish( );
displayMaintenanceChoices($cgi,"Update Was Successful!");
}
} # end of doUpdate
sub displayEnterNewAddressScreen {
my $cgi = shift;
displayNewDeleteUpdateScreen($cgi, "ADD");
} # end of displayEnterNewAddressScreen
sub displayUpdateQueryScreen {
my $cgi = shift;
displayNewDeleteUpdateScreen($cgi, "UPDATE");
} # end of displayUpdateQueryScreen
sub displayDeleteQueryScreen {
my $cgi = shift;
displayNewDeleteUpdateScreen($cgi, "DELETE");
} # end of displayDeleteQueryScreen
sub displayNewDeleteUpdateScreen {
my $cgi = shift;
my $operation = shift;
my $address_op = "Enter New Address";
$address_op = "Enter Search Criteria For Deletion" if ($operation eq "DELETE");
$address_op = "Enter Search Criterio For Updates" if ($operation eq "UPDATE");
print $cgi->header( );
# Prints out the header
print qq`
<HTML><HEAD>
<TITLE>Address Book Maintenance</TITLE>
</HEAD>
<BODY BGCOLOR="FFFFFF">
<H1>$address_op</H1>
<HR>
<P>
<FORM METHOD=POST>
`;
if ($operation eq "ADD") {
print "Enter The New Information In The Form Below
";
} elsif ($operation eq "UPDATE") {
print "Enter Criteria To Query On In The Form Below.<P>
You will then be
able to choose entries to modify from the resulting list.
";
} else {
print "Enter Criteria To Query On In The Form Below.<P>
You will then be
able to choose entries to delete from the resulting list.
"
}
my $address_table = getAddressTableHTML( );
print qq`
<HR>
<P>
$address_table
`;
if ($operation eq "ADD") {
print qq`
<P>
<INPUT TYPE="submit" NAME="submit_add"
VALUE="Add This New Address"><P>
`;
} elsif ($operation eq "UPDATE") {
print qq` <INPUT TYPE="checkbox" NAME="exactsearch">
<STRONG>Perform Exact Search</STRONG>
<P>
<INPUT TYPE="submit" NAME="submit_query_for_update"
VALUE="Query For Modification">
<P>
`;
} else {
print qq`
<INPUT TYPE="checkbox" NAME="exactsearch">
<STRONG>Perform Exact Search</STRONG>
<P>
<INPUT TYPE="submit" NAME="submit_query_for_delete"
VALUE="Query For List To Delete">
<P>
`;
}
# print the HTML footer.
print qq`
<INPUT TYPE="reset" VALUE="Clear Form">
</FORM>
</BODY></HTML>
`;
} # end of displayNewUpdateDeleteScreen
sub displayErrorMessage {
my $cgi = shift;
my $error_message = shift;
print $cgi->header( );
print qq`
<HTML>
<HEAD><TITLE>Error Message</TITLE></HEAD>
<BODY BGCOLOR="WHITE">
<H1>Error Occurred</H1>
<HR>
$error_message
<HR>
</BODY>
</HTML>
`;
} # end of displayErrorMessage
sub getAddressTableHTML {
return qq`
<TABLE>
<TR>
<TD ALIGN="RIGHT">First Name:</TD>
<TD><INPUT TYPE="text" NAME="fname"></TD>
</TR>
<TR>
<TD ALIGN="RIGHT">Last Name:</TD>
<TD><INPUT TYPE="text" NAME="lname"></TD>
</TR>
<TR>
<TD ALIGN="RIGHT">Phone:</TD>
<TD><INPUT TYPE="text" NAME="phone"></TD>
</TR>
<TR>
<TD ALIGN="RIGHT">Department:</TD>
<TD><INPUT TYPE="text" NAME="dept"></TD>
</TR>
<TR>
<TD ALIGN="RIGHT">Location:</TD>
<TD><INPUT TYPE="text" NAME="location"></TD>
</TR>
</TABLE>
`;
} # end of get
Address
TableHTMLYou probably noticed that the style of this CGI script is different from other examples in this book. We have already seen scripts that use CGI.pm, Embperl, and HTML::Template. This script uses quoted HTML; you can compare it against other examples to help you choose the style that you prefer.
Likewise, this CGI script is one long file. The advantage is that all of the logic is present within this file. The disadvantage is that it can be difficult to read through such a long listing. We’ll discuss the pros and cons of unifying applications versus breaking them into components in Chapter 16.
[19] If you need to lock a file across NFS, refer to the File::LockDir module in Perl Cookbook (O’Reilly & Associates, Inc.).
[20] Actually, if the filesystem does not support anonymous temporary files, then IO::File will not create it anonymously, but it’s still anonymous to you since you cannot get at the name of the file. IO::File will take care of managing and deleting the file for you when its filehandle goes out of scope or your script completes.