Howdy,

I just finished a script that does benchmarking from a web-based form. It's pretty 
handy since all I have to do is tell it how many different pieces of code I want to 
run, type them in and see the results.

I did this because it is quick and easy and I can use it when all I have is web 
access (must be authenticated to use), i.e. no ssh or ftp. And I don't have to create a 
new script every time I want to see which is fastest.

OK, now with that same idea in mind I'd like to have a form where I could enter some Perl 
and have it execute it via perl -e.
(I know, I know, security etc..., what if they put in `rm -f /` etc... just hear me out 
;p)

If I don't have shell access I'd like to log in to my area, 
select from a menu which code to run (all they get is values of numbers that 
correspond to a hash internally so they can't give it evil input) and a few other 
options (which must be clean via some regexes). All of it is run with -w and use 
strict; and I may make it do -T also. So with all of that in mind here's my question:
Doing this:
...
my $pthprl = '/usr/bin/perl -Mstrict -we';
...
print `$pthprl '$codeX' '$inpuX'`;

Assume $codeX and $inpuX are being properly safeified (they are also being run via 
webserver so there's even less privileges than if I was ssh'd in).

This works very well, unless $codeX has single quotes. ($inpuX I urlencode and must 
therefore use CGI 'param' to get it into my -e test code)

I could replace all single quotes with double quotes and escape everything in between 
them but that seems like a lot.

Any ideas how to deal with the single quotes? (Since shell escape characters may or 
may not work since apache is executing it)

TIA

DaN
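
Added example, not part of the original post: one way to sidestep the quoting question is to skip the shell entirely with Perl's list-form piped open, so the code and the input reach /usr/bin/perl as separate argv entries and single quotes need no escaping. The %snippets table, run_snippet and the sample input are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical whitelist: the form submits only a number, and the number
# selects the code. Snippet 1 deliberately contains single quotes.
my %snippets = (
    1 => q{print "it's got 'single' quotes: $ARGV[0]\n";},
    2 => q{print scalar reverse($ARGV[0]), "\n";},
);

sub run_snippet {
    my ($id, $input) = @_;
    my $code = $snippets{$id};
    defined $code or die "unknown snippet id\n";

    # Fixed, minimal environment for the child; taint mode (-T) refuses to
    # run a subprocess unless these are cleaned.
    local $ENV{PATH} = '/usr/bin:/bin';
    delete local @ENV{qw(IFS CDPATH ENV BASH_ENV)};

    # List-form piped open: perl forks and execs the program directly.
    # No /bin/sh parses the arguments, so quotes, backticks, $ and ; in
    # $code or $input arrive byte-for-byte and are never interpreted.
    my @cmd = ('/usr/bin/perl', '-Mstrict', '-we', $code, $input);
    open(my $out, '-|', @cmd) or die "cannot exec $cmd[0]: $!\n";
    my $result = do { local $/; <$out> };   # slurp all child output
    close($out) or warn "child exited with status $?\n";
    return $result;
}

# Constructed input full of shell metacharacters; it is printed literally.
print run_snippet(1, q{O'Reilly; `id` $HOME});
```

The list forms of system and exec bypass the shell in the same way; only the single-string forms, including backticks, hand the command line to /bin/sh.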
