"PERL in easy steps"

Ovid on 2005-12-03T21:59:32

From their Website:

"PERL in easy steps" instructs the reader how to write Common Gateway Interface (CGI) scripts in the popular Practical Extraction & Reporting Language (PERL). These allow the exchange of data between a web browser and a web server both on Windows platforms and on Unix-based platforms, such as Linux. The book contains exciting chapters on the major features of the PERL language and there are complete example scripts that illustrate each aspect of PERL.

If that doesn't give you an idea of how bad this book is, here are a few choice items from the book which is copyright 2004!

  • "for" is for C-style loops and "foreach" is for iterating over arrays.
  • Slices? They've been renamed "subarrays" (though the word "slice" is correctly used in other parts of the book).
  • Matt's Script Archive is one of the top three recommended PERL (sic) resources.
  • What's "strict"?
  • Who cares if open FH, $file succeeded?
  • CGI.pm? Nah! This book includes its own lightweight and buggy form parser.
  • I found no mention of security (that includes taint mode).
  • Standard web form counter errors (race condition).
  • Incorrect use of "flock" (race condition).
  • It's real fun reading <a href="http://localhost/cgi-bin/hello.pl">Click</a>
  • Why are we explaining "pack" to new programmers?

And to really get your blood boiling, from page 84 of my edition:

Like other functions a PERL subroutine can be passed a value as an argument from the caller.

The argument as usual is contained in regular brackets that follow the subroutine name in a function call.

PERL automatically stores the arguments passed in a special array called the "underscore array" - which is addressed as "@_".

The first argument value is placed in the underscore array's first element and can be referenced with the syntax "@_[0]".

Yes, conventional wisdom is correct. PERL (sic) is line noise.

And for creating "library files":

The subroutines in a PERL script may be placed in a separate file called a library. Library files are text files that contain the subroutines and normally have the ".lib" file extension.

Of course, since the author never mentions namespaces, the subroutines in a "Library file" are all in package "main" and you can use them with this handy syntax:

#!/usr/bin/perl

require "subs.lib";

&mimetype;

&dochead("Subroutines Library");

&start_table;
...

Why don't you give the publisher some feedback?
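The counter, "flock", unchecked "open", "strict" and taint-mode items in the list above, as an added example that is not part of the original post and is not the book's code: a CGI hit counter that holds one exclusive lock across the whole read-modify-write. The file path and the name bump_counter are hypothetical.

```perl
#!/usr/bin/perl -T
# Added example (not from the book or the post): a hit counter without the race.
use strict;
use warnings;
use Fcntl qw(:flock :seek O_RDWR O_CREAT);

# Hypothetical counter path; fixed in code, never taken from request input.
my $COUNTER_FILE = '/var/tmp/hits.count';

sub bump_counter {
    my ($path) = @_;    # the first argument is $_[0], not @_[0]

    # Open read/write without truncating: opening with '>' would empty the
    # file before any lock is held, which is the classic flock mistake.
    sysopen(my $fh, $path, O_RDWR | O_CREAT, 0644)
        or die "Cannot open $path: $!";

    # Take the exclusive lock before reading and hold it across the whole
    # read-modify-write, so two requests cannot both read the same value.
    flock($fh, LOCK_EX) or die "Cannot lock $path: $!";

    # Accept only digits from the file; anything else restarts at zero.
    my $line  = <$fh>;
    my $count = (defined $line && $line =~ /^(\d+)$/) ? $1 : 0;
    $count++;

    seek($fh, 0, SEEK_SET) or die "Cannot seek $path: $!";
    truncate($fh, 0)       or die "Cannot truncate $path: $!";
    print {$fh} "$count\n" or die "Cannot write $path: $!";

    # close flushes the buffer and releases the lock; do not unlock first.
    close($fh) or die "Cannot close $path: $!";
    return $count;
}

print "Content-Type: text/plain\n\n";
print "You are visitor number ", bump_counter($COUNTER_FILE), "\n";
```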


PERL!

sigzero on 2005-12-03T23:20:37

I always cringe and want to shout expletives when I see "PERL" and not "Perl".

Re:PERL!

Ovid on 2005-12-03T23:35:37

But you might be able to use PERL to write Php scripts.

Re:PERL!

sigzero on 2005-12-04T02:18:26

Or maybe I could use it with that nifty java language...JavaScript?!

Impressive!

Juerd on 2005-12-04T14:33:07

I have been speechless for minutes, after reading this. This is a post I feel I should reply to, to express how I think about it. But it was too much of a shock. My thoughts and feelings about this book are extremely hard to describe.

It's the same kind of feeling I get when I see someone without arms and legs, who is blind and deaf. I really do wonder how the author of this book manages to live with such a huge handicap. Not even the combination of great stupidity and even greater ignorance could stop him from writing a book. This man must really believe in himself, be highly motivated and not be afraid of anyone.

Impressive indeed.

Example code

ChrisDolan on 2005-12-04T18:54:39

Warning! Do not download and read the example code from the website! The misuse of HTML 2, let alone the abysmal Perl code, will burn your eyes out.

Oh, the horror! Ovid, I curse you for exposing me to this evil. I want my ignorant bliss back.

Chris

Re: "PERL in easy steps"

davorg on 2005-12-05T12:04:10

Ah. Deja-vu. This reminds me a lot of the time I spent doing detailed reviews of "Perl and CGI for the World Wide Web" and "CGI 101".

I left a comment on the book's feedback page and I got a response from the author which pretty much missed all of the points you've made. I've sent another, more detailed, reply. I'll let you know how it goes.

Re: "PERL in easy steps"

Ovid on 2005-12-05T17:08:31

I received a reply, too. I'm rather disturbed at how blithely the author took my commentary, though I must say that I was happy the publisher took the report seriously enough to contact the author.

Re: "PERL in easy steps"

jarich on 2005-12-10T03:30:36

I emailed the publisher explaining that none of the best practices that have come about in the last ten years were included in the book, etc. I got the following paraphrased response from the author:

I am surprised and impressed that a professional PERL programmer bought my book.

My code examples produce the correct output for the environment I specified.

Due to space restrictions I decided not to enhance the code examples to improve security, instead I kept them short for simplicity.

Thank you.

I've written back counter-arguments arguing that by not enhancing the code examples for security, he's leaving his readers wide open to server compromises, but I don't know that he'll understand.

Re: "PERL in easy steps"

Ovid on 2005-12-10T04:11:56

OK, that's very interesting. You see, that's the exact same response I received. I wonder if the publisher is lying?

I'm sorry this reader was unhappy with my PERL book. I am flattered, and a little surprised, that a professional PERL programmer is buying this book. The listed code examples produce the illustrated output in the environment described. These could be enhanced to improve security but the additional code would extend beyond the space available. The examples are kept brief for simplicity. Thank you for your comments.

Re: "PERL in easy steps"

jarich on 2005-12-10T13:28:54

Yes, that's exactly what I received. From Harshad Kotecha.

It might not be the publisher who's lying. It might be that the author has a canned response to any criticism brought to him from someone who knows what they're talking about.

Who knows? The response to me looked genuine enough. It's definitely shoddy work to send the same response to two different letters presumably bringing up somewhat different issues!