MolSlide Support Project at bioinformatics.org

The MolSlide Support Project offers a tiny CGI program that enables Protein Explorer (PE) to save MolSlides to the local client disk, using PE's built-in MolSlide Manager. For further information, see MolSlides.Org.

The official project page at bioinformatics.org is http://bioinformatics.org/project/?group_id=508.


Eric Martz (emartz AT microbio DOT umass DOT edu)
Timothy Driscoll (tim AT molvisions DOT com)
July 2005
The source code for MolSlide Support is listed below. This code is copyright © 2005 by Timothy Driscoll, www.molvisions.com. No restrictions are placed on use of this code, but if you use it, please acknowledge the author.
Use
The HTML is generated into a javascript string variable named tosubmit. The following characters that may occur in tosubmit are escaped as follows. This was determined to be the minimal set compatible with the submission code below.
tosubmit = tosubmit.replace(/%/g, "%25");
tosubmit = tosubmit.replace(/\"/g, "%22")
tosubmit = tosubmit.replace(/&/g, "%26");
tosubmit = tosubmit.replace(/</g, "%3C");
tosubmit = tosubmit.replace(/>/g, "%3E");
The following is used to submit it to the CGI program.
<form name="saveForm" id="saveForm"
enctype="multipart/form-data"
method="post"
action="http://bioinformatics.org/molslidesupport/cgi-bin/save_molslide.cgi">

<script language='javascript'>

  with (document)
  {
    writeln("<input name=\"molslide1\" id=\"molslide1\"");
    writeln("value=\"" + tosubmit + "\"");
    writeln("type=\"hidden\">");
  }
</script>

  <input value="Save MolSlides via Bioinformatics.Org" type="submit">
</form>

Security Considerations

The CGI program writes nothing to the server's disk. It always returns the file to be saved to the same IP address that submitted the data. Were malicious data to be submitted, they would simply be returned to the submitter.


PERL SOURCE

#! /usr/bin/perl -wT

use strict;
use warnings;

use CGI;
use CGI::Carp qw( fatalsToBrowser );

$CGI::POST_MAX = 1024 * 2000;

BEGIN 
{
        sub carp_error 
        {
                my $error_message = shift;
                my $qe = new CGI;
                print $qe->start_html( "Error" ),
                $qe->h1( "Error" ),
                $qe->p( "the following error has occured: " ),
                $qe->p( $qe->i( $error_message ) ),
                $qe->end_html;
        }
        CGI::Carp::set_message( \&carp_error );
}

my $q = new CGI;
my( $name, $value );

print $q->header( -type=>'application/force-download',
                                                -attachment=>'molslide_set_01.htm' );

foreach $name ( $q->param ) 
{
        foreach $value ( $q->param ( $name ) ) 
        {
                $value =~ s/%22/"/gi;
                $value =~ s/%26/&/gi;
                $value =~ s/%3C/</gi;
                $value =~ s/%3E/>/gi;
# safest to do % last!
                $value =~ s/%25/%/gi;
                print "$value";
        }
}