CGI not processing html form - Perl

Question

I am doing my Perl Assignment for the book database. I am required to make and html form that, where the user will type input such as:

1)title 2)author 3)language 4)year 5)sales

then i need CGI to process it. and store into database 'books'.

I am using MySql database.

The problem I am facing it is not outputting the values I have entered, I tried many ways debugging it, but still no results.

Here is my html form 'CreateForm.html"

<form method="post" action="http://localhost:8080/cgi-bin/create.cgi"  >
<table border="1">
<tr>
<td>Title: </td>
<td><input type="text" name="title"></td>
</tr>
<tr>
<td>Author: </td>
<td><input type="text" name="author"></td>
</tr>
<tr>
<td>Language: </td>
<td><input type="text" name="language"></td>
</tr>
<tr>
<td>Year of Publication: </td>
<td><input type="text" name="year"></td>
</tr>
<tr>
<td>Estimated sales: </td>
<td><input type="text" name="sales"></td>
</tr>
<tr>
<td><input type="submit" /></td>
</tr>
</table>
</form> 

I am running XAMPP on windows

Here is basically my code 'create.cgi'

#!"C:\xampp\perl\bin\perl.exe"
print "Content-type: text/html\r\n\r\n";

#include section
use strict;
use DBI;
use CGI;
my $q=new CGI;

#declaration section
my $name;
my $value;
my $sth;
my %FORM;
my $dbh;
my $sql;
my $rv;
my $key;
my $buffer;
my @pairs;
my $pair;
my $title;
my $author;
my $language;
my $year;
my $sales;



if ($ENV{'REQUEST_METHOD'} eq 'POST') {
  read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
} else {
  $buffer = $ENV{'QUERY_STRING'};
}
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
  ($name, $value) = split(/=/, $pair);
  $name =~ tr/+/ /;
  $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  $value =~ tr/+/ /;
  $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  $FORM{$name} = $value;
}

#parsing data
$title=$q->param('title');
$author=$q->param('author');
$language=$q->param('language');
$year=$q->param('year');
$sales=$q->param('sales');


#database connectivity
$dbh = DBI->connect('DBI:mysql:books', 'root', ''
               ) || die "Could not connect to database: $DBI::errstr";



#test insert
$sth=$dbh->do('INSERT INTO BOOKS (TITLE,AUTHOR,LANGUAGE,YEAR,SALES) VALUES (
    "Nineteen eight four",
    "George Orwell",
    "English",
    1947,
    25000000)
');


$sql="INSERT INTO BOOKS (TITLE,AUTHOR,LANGUAGE,YEAR,SALES) values ('$title','$author','$language','$year','$sales')";

$sth=$dbh->prepare($sql) or die "can't prepare $sql: $dbh->errstrn";
$rv=$sth->execute;


if ($rv==1){
print "Record has been successfully created !!!<br>";
}else{
print "Error!!while inserting record\n";
exit;
}

$sth = $dbh->prepare("SELECT * FROM BOOKS");
$sth->execute();



foreach $key(sort keys %FORM){
print "<h3>$key: $FORM{$key}</h3>";
}


print "<html>";
print "<head>";
print "<title>Create Form</title>";
print "</head>";
print "<body>";

print "Title: $FORM{'title'}              <br/>";
print "Author: $FORM{'author'}                <br/>";
print "Language: $FORM{'language'}                <br/>";
print "Year: $FORM{'year'}                <br/>";
print "Sales: $FORM{'sales'}                <br/>";


foreach $key(sort keys %FORM){
print "<h3>$key: $FORM{$key}</h3>";
}


#retrieving all tables to check
#while (my $ref = $sth->fetchrow_hashref()) {
#print "<br>Found a row:\n
#          id = $ref->{'BOOKID'}, 
#          tname = $ref->{'TITLE'}, 
#          author: $ref->{AUTHOR}, 
#          language: $ref->{'LANGUAGE'}, 
#          year: $ref->{'YEAR'}, 
#          sales: $ref->{'SALES'} \n";
#}


#while (my $ref = $sth->fetchrow_hashref()) {
#
#          %rec=%{$pRec};
#          print "$rec{'title'}";
#}


print "</body>";
print "</html>";



$sth->finish();
$dbh->disconnect();

the line

foreach $key(sort keys %FORM){
print "<h3>$key: $FORM{$key}</h3>";
}

doesn't output anything

the output I receive

Record has been successfully created !!!
Title:
Author:
Language:
Year:
Sales:

Empty entries, however the INSERT operation has been performed

30  Nineteen eight four     George Orwell   English     1947    25000000

Thanks in Advance

Answer 1

I don't understand why you're messing around with the %FORM hash, considering you are correctly accessing the parameters elsewhere, such as:

$title=$q->param('title');

Therefore, why don't you just output $title?

print "Title: $title <br/>";

If you want a hash with the keys and values of the parameters, then get it into a hashref with:

$params = $q->Vars;

Then, if you want to iterate over that hashref, do something like this:

foreach my $key ( sort keys %$params ) {
  print "$key has a value of $params->{$key}\n";
}

------------------------ 8< ------------------------

Addendum, not related to the question:

You really don't want to put your values in your SQL the way you are doing it:

$sql="INSERT INTO BOOKS (TITLE,AUTHOR,LANGUAGE,YEAR,SALES) values ('$title','$author','$language','$year','$sales')";

Instead, you want to use placeholders and pass in the parameters to the execute() method:

$sql = "INSERT INTO BOOKS (TITLE,AUTHOR,LANGUAGE,YEAR,SALES) values (?,?,?,?,?)";
$sth = $dbh->prepare($sql) or die "can't prepare $sql: $dbh->errstrn";
$sth->execute( $title, $author, $language, $year, $sales );