Getting specific
--#--
Now that we have the names of only text input fields, we can 
pick out just those <input tags and not worry about the type
parameter.<br>
<br>
<code>
$val = $query->param($_);
$html_content =~ s/(<input[^>]*)name="?$_"?)([^>]*>)/$1 $2 value="$val" $3/si;
</code>
<br>
This regex uses an easy, but handy, trick for matching most characters inside
the &lt;input&gt; tag: <i>[^&gt;]*</i> This means zero or more characters 
that are anything but NOT the tag closing character <i>$gt;</i>. In regexes, 
it's often -- though not always -- easier to say what you're NOT looking 
for. Here, it doesn't matter what comes between the <i>&lt;input </i> beginning 
and the name parameter, as long as it's not the close of the whole 
<i>&lt;input&gt;</i> tag.<br>
<br>
Surprise! This substitution actually works pretty well. But what happens 
if the user enters unusual characters into the field. As it turns out, the 
worst he can do is put quote marks in -- <i>Mack "the knife" O'Shaugnessy.</i>
<br>
Try this with this regex. The browser, when it redisplays the field, will 
display only <i>Mack</i>. You could get around this by surrounding the 
<i>value</i> characters with a single quote instead of a double quote mark.
But what if he uses a single-quote for an apostrophe: <i>Mack "Momma's Boy" 
O'Shaugnessy</i>. Catastrophe!<br>
<br>
As it turns out, there's a simple solution: URL-encode the double quotes:<br>
<br>
<code>
$val =~ s/"/&quot;/g;
</code>
<br>
This gives us a very robust set of code for finding and stuffing in all 
the text fields:<br>
<br>
<code>
@texttypes = getTexts($html_content);
foreach (@texttypes) {
	$val = $query->param($_);
	$val =~ s/"/&quot;/g;
	$html_content =~ 
		s/(<input\s+[^>]*)(name="?$_"?)([^>]*>)/$1 $2 value="$val" $3/is;
}

sub getTexts {
	my($html) = @_;
	my @t = ();
	my @texts = split(/<input /i, $html);
	for (1 .. @texts - 1) {
		if ($texts[$_] =~ /type="?text/i && $texts[$_] =~ /name="?([\-\w]*)"?/i) {
			push(@t, $1);
		}
	}
	return @t;
}
</code>
<br>