The nms Project

Web programs written by experts

[General nms Questions] [Perl Questions] [Common Problems]


Frequently Asked Questions about the nms CGI programs

<-- $Date: 2004/08/15 14:12:55 $ -->


This document seeks to answer some of the questions that people might want to ask about the nms project and the programs therein.

What is this nms thing all about?

nms is an attempt to provide replacements for all of the scripts from Matt's Script Archive. MSA is probably the most well-known archive of CGI programs currently available on the web. Among the Perl community, the MSA scripts are known to be badly-written, buggy and insecure.

nms was started when a group of Perl programmers got tired of telling people not to use Matt's programs and getting the reply "But what shall I use instead?"

But there are perfectly good programs already out there, why bother?

Actually, there aren't really.

Most CGI programs that are available for free download really aren't very good at all. Most of them seem to be written by people with very little knowledge of Perl.

Many of the developers on nms have been very active in the Perl community for years. They know Perl and CGI programming very well.

The problems with most other CGI programs, fall into three categories:

  1. The programs are insecure. Putting a CGI program on your web site is very risky. It means that you are allowing anyone to run a program on your web server. Unless these programs have been written very carefully, you may be allowing unscrupulous people (known as crackers) to gain access to more information than you intend. Eventually the crackers may be able to take control of your web server.

    Perl makes it very easy to write secure programs. Unfortunately, most CGI program authors don't seem to know this.

  2. The programs are buggy. Many of the other programs have had no kind of code review. This means that they often still have bugs in which can cause problems on your web site. You may be the first person to discover this bug. The support you get from the authors of these programs can be very patchy. I have never received a reply from Matt Wright when I've reported a bug in his scripts.

    The nms project has a large number of developers, therefore each line of code has been seen by many people. The chances of bugs is much reduced. Additionally, we have a dedicated mailing list to deal with support issues.

  3. The programs are badly written. Whilst many people simply install these programs and never look at the code, others will read CGI program code as a way to learn to write their own CGI programs. We therefore feel it is important that our scripts reflect the best Perl coding practices. Others don't share our views and many people have learned very bad coding habits from reading Matt Wright's code.

What does Matt Wright think about all this?

Matt has a page on his web site which is generally very positive about nms.


What programs are available in the collection?

The exact list will increase over time. Here is the list of what we have currently available:

How are the programs licensed?

The programs are licensed in the same way as Perl itself. That is you are free to choose between the GNU Public License <> or the Artistic License <>.

But I have programs that do the same thing already, why change them?

Because the programs you may already use aren't as good as these. See "/But there are perfectly good programs already out there, why bother?" above for more details.

Why do you keep calling them programs and not scripts?

The two terms can be interchangeable. We like to use the term "program" as it carries an implication that the code has been designed more carefully. The term "scripts" can imply that the code has just been "thrown together" with no real thought. For CGI programs, this can be very dangerous.

Why Perl and not (Python|Tcl|Ruby)?

Because we like Perl :)

But also because Perl is still the most commonly used programming language for writing CGI programs.

Why CGI and not (PHP|ASP|Java Servlets)?

Because CGI is still the most commonly used architecture for dynamic web pages - despite what you might hear from the marketing departments at Sun or Microsoft.

What's with all this XML stuff? Shouldn't the programs output HTML?

All of our scripts output valid XHTML. XHMTL is the newest standard for HTML. It replaces HTML 4.01. We strongly believe that by adhering to published standards, our web pages will be more easily viewed by as large a range of browsers as possible.

XHTML is largely a case of tightening up on some of the bad habits that HTML let you get away with. All tags must be explicitly closed and all presentation information is stored in a stylesheet.

Translation: This article has been translated into the Serbo-Croatian language by Web Geeks.

Contact us
Last modified: Wed Dec 28 17:58:43 BST 2004
Valid XHTML 1.0!
Project hosted by
SourceForge Logo