=head1 NAME

XAO::DO::Web::CgiParam - Retrieves parameter from CGI environment

=head1 SYNOPSIS

 <%CgiParam param="username" default="test"%>

=head1 DESCRIPTION

Displays CGI parameter. Arguments are:

 name => parameter name
 default => default text

=cut

###############################################################################
package XAO::DO::Web::CgiParam;
use strict;
use XAO::Utils;
use XAO::Errors qw(XAO::DO::Web::CgiParam);
use base XAO::Objects->load(objname => 'Web::Page');

use vars qw($VERSION);
$VERSION='2.2';
### $VERSION=(0+sprintf('%u.%03u',(q$Id: CgiParam.pm,v 2.1 2005/01/14 01:39:57 am Exp $ =~ /\s(\d+)\.(\d+)\s/))) || die "Bad VERSION";

sub display ($;%) {
    my $self=shift;
    my $args=get_args(\@_);

    my $name=$args->{'name'} || $args->{'param'} ||
        throw $self "- no 'param' and no 'name' given";

    my $text;
    $text=$self->cgi->param($name);
    $text=$args->{'default'} unless defined $text;

    return unless defined $text;

    # Preventing XSS attacks. Unless we have a 'dont_sanitize' parameter
    # angle brackets are removed from the output.
    #
    if(!$args->{'dont_sanitize'}) {
        $text=~s/[<>]/ /sg;
    }

    # Trimming spaces
    #
    if(!$args->{'keep_spaces'}) {
        $text=~s/^\s*|\s*$//sg;
    }

    $self->textout($text);
}

###############################################################################
1;
__END__

=head1 METHODS

No publicly available methods except overriden display().

=head1 EXPORTS

Nothing.

=head1 AUTHOR

Copyright (c) 2005 Andrew Maltsev

Copyright (c) 2001-2004 Andrew Maltsev, XAO Inc.

<am@ejelta.com> -- http://ejelta.com/xao/

=head1 SEE ALSO

Recommended reading:
L<XAO::Web>,
L<XAO::DO::Web::Page>.