Re: A good book?
The CD Book shelf has just been updated to include the 3rd edition of Programming Perl. Don't let anyone sell you the old edition! best regards, Richard At 10:20 4/06/2001 +0100, you wrote: I would suggest you buy The Perl CD Bookshelf from O'Reilly. You get the Perl in a Nutshell book which is a good reference to a lot of Perl stuff, and a CD that includes in searchable HTML format: Perl in a Nutshell (yes, you get it twice!) Programming Perl, 2nd Edition Perl Cookbook - handy recipies Advanced Perl Programming Learning Perl, 2nd Edition Learning Perl on Win32 Systems - exactly like the above title but geared for Win32
Re: Session.pm
Michael,
The error message indicates that Perl cannot find the Session.pm
module. Be sure you have installed the module properly. If you have to
install it locally on an ISP, then you'll need to add:
use lib '/path/to/your/modules/';
Hope this helps,
William
On 3 Jun 2001, at 19:38, Michael Chopek wrote:
Hi Folks;
I'm trying to get a handle on using sessions so I have been trying to get
through the docs at;
http://www.awu.id.ethz.ch/~th/session/
(Session.pm)
He has a few sample programs and his first is below;
#!/usr/bin/perl -w
# Hello World.
use strict;
use vars qw($sob);
use Session;
local $sob = Session-new();
if ($sob-open_session(0)) {
main();
}
$sob-close_session;
# main
sub main {
if ( $sob-{COMPONENT}{call_number} ) {
$sob-{COMPONENT}{call_number}++;
} else {
$sob-{COMPONENT}{call_number} = 1;
}
print $sob-header(),
$sob-start_html('Hello', '[EMAIL PROTECTED]'),
h1Hello World/h1
Your Sessions ID is $sob-{SESSION}{_session_id}p
This is your $sob-{COMPONENT}{call_number}. call to main.cgi.
p\n, $sob-end_html;
return;
}
He says to name the file main.cgi and view it through the
browseryet when I try to, I get the dreaded 500 Server error.
Running the program from the command line and the Apache error logs
produce this..
Can't locate object method new via package Session at main.cgi line 7.
Any ideas why the example above will not run at my site?
I know I'm missing something simple here..just not sure what.
- thanks -
--
best regards
-michael
--
[EMAIL PROTECTED]
www.knowmad.com
Charlotte, NC
Re: Limiting access to cgi scripts
Kurt Edmiston wrote:
Hi, I want to limit access to one of my scripts. I have a list of web
pages that are authorized to call my script, and I want to disable the
script if another unauthorized page calls it. My code to do this looks
like the following:
my $referer = $ENV{HTTP_REFERER};
my $legal_referer;
my(@legal_referers) = (http://www.some-url.com/page1.html;); #
list of authorized pages
my $clear = 0;
foreach $legal_referer (@legal_referers)
{
if ($legal_referer eq $referer)
{ $clear = 1; }
}
if (!$clear)
{ # kill the script }
...
I want to know if this is a good (safe) way to do this. I'm open to any
suggestions. Thanks in advance.
Hi,
A problem is that the client can present any referer it wishes (or
none), so a cracker could, if learning valid referers by trial/error or
whatever, simply use one of those referers when making the query. Very
easy to do in LWP, particularly to work around content shields.
I actually do this, protecting my form CGIs from casual harrasment, but
a determined malfeasant could simply read my form source, generate false
forms with a forged referer, and DoS me. But this is only for my toy
personal site :)
One solution would be to combine a cookie with dynamic link generation,
that would force a browser to cache a cookie, then generate links that
required that cookie plus a separate string in the query to access the
page. Cumbersome, yes, but without an even more cumbersome
certificate-based AAA solution it is probably the most solid bet.
Any solution that relies exclusively on a client being honest can be
cracked trivially. :|
Good luck!
- MAtt
netscape won't read as html
hello,
i am trying to print out some html in my script and IE and Opera both
display the html properly, however netscape will actually display the html
as if it were a text doc. i would assume that something would be incorrect
in my content-type, but i just don't see it.
thanks -charles
#!/usr/bin/perl
beginhtml;
mainbody;
endhtml;
sub beginhtml {
print begin_html;
Content-type: text/html\n\n
html\n
headtitleControl Panel/title/head\n
body bgcolor=white\n
begin_html
}
sub endhtml {
print end_html;
/body
/html
end_html
}
sub mainbody {
print main_body;
Hello World
mainbody
}
Re: Limiting access to cgi scripts
Kurt == Kurt Edmiston [EMAIL PROTECTED] writes:
Kurt my $referer = $ENV{HTTP_REFERER};
No. Trivially forged, stripped by many security proxies and caches.
Interesting as a logged item or a hint, however.
Try something else.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
[EMAIL PROTECTED] URL:http://www.stonehenge.com/merlyn/
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: testing null strings for form field values
On Mon, 4 Jun 2001, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote,
if ( $formdata{view_name} ne ) {
$view = $formdata{view_name};
$viewtag = 1;
}
is there a special method for testing against a null string for a form
field's value? i am using the above data, but it seems to always return
with a value of 1 making me think that something is incorrect in my if
test. the form itself does not have anything default value specified for
view_name.
Take a look at these one-liner examples. The string (nothing) indicates
that no output is printed.
1% perl -le '$x; print 1 if $x ne '
(nothing)
2% perl -le '$x = undef; print 1 if $x ne '
(nothing)
3% perl -wle '$x = undef; print 1 if $x ne '
Use of uninitialized value at -e line 1.
4% perl -wle '$x = i am here; print 1 if $x ne '
1
5% perl -we '$x = undef; print ($x)\n;
Use of uninitialized value at -e line 1.
()
6% perl -we '$x = ; print ($x)\n;
()
Number 2 is basically same with number 1 in that $x is undefined,
except that $x variable in the number 2 is explicitly assigned.
(Number 1 will also give you extra warning if you use -w).
The line under number 3 is not an output of the code, it's a
warning that will guide you what's wrong with the code.
Undefined value is not the same as empty string (), but both are
evaluated to false. If you use undefined variable anyway, it will be
evaluated to empty (see no.5 and 6). Empty field is sent as undefined
value and when you test it against with 'ne' operator, it evaluates to
true because they're not equal.
You need the defined() function to test whether the variable contains
some defined value, and it will cover both and 0 if the test returns
true.
if (defined $var) {
}
If you need the value of the variable and you don't want then you
need to test that too,
if (defined $var and $var ne ) {
}
or
if (defined $var and length $var) {
}
But if you rather want to test $var against true value, you can simply
use,
if ($var) {
}
Btw, did you use -w switch and use strict in your script?
You really should. All those example codes above will bail out when
you use strict.
hth
s.a.n
--
Hasanuddin Tamir: [EMAIL PROTECTED] - Trabas: www.trabas.com
Re: netscape won't read as html
On Mon, 4 Jun 2001 13:10:45 -0500 (CDT), [EMAIL PROTECTED] said:
hello,
i am trying to print out some html in my script and IE and Opera both
display the html properly, however netscape will actually display the html
as if it were a text doc. i would assume that something would be incorrect
in my content-type, but i just don't see it.
sub beginhtml {
print begin_html;
Content-type: text/html\n\n
--
Flush Content-type to the left. I don't want to get into the details of which
browser is conformant to the standards and which is not, just wanted to say
that starting a header line with a space indicates that it's a continuation
from the previous line. So, header lines should not be prepended by spaces,
tabs, and such.
html\n
headtitleControl Panel/title/head\n
body bgcolor=white\n
begin_html
}
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
Re: testing null strings for form field values
Randal is of course right. I apologize for my extremely confusing
and idiom riddled post.
Randal L. Schwartz wrote:
David == David Labatte [EMAIL PROTECTED] writes:
David The why though is most likely that: undef ne ''
That's not true. undef eq ''.
Sorry I meant that statement in the english phrase sense not in the
literal perl sense. I'll translate it from garbledslash.psudogeekese and
never use that particularly poor and confusing dialect here again:
undef is undef, '' is ''. Occasionally perl will care. Best to treat them
differently until your comfortable with their differences.
Not even close to what I actually said, but it's what I meant. I guess
I was expecting the reader to somehow divine my actual thoughts.
David What I usually do if I have code that expects an empty string
David instead of an undef is append an empty string onto it when I read
David the cgi.pm value into it.
David $formdata{view_name} = $query-param('view_name') . '';
David That way undefined form elements have a consistent value and
David it's easy to just send them back out to the user if I have to
David without mangling them for display.
This is voodoo programming. You must've had some problem that this
appeared to solve at some point, but it isn't needed for what you are
answering here, so I don't know how that can help.
Sorry your right, this is bad programming and way beyond the scope of
what was asked in this question and should not have been mentioned.
Since I've badly explained myself already, I'll waste a little more time
and say it's a useful idiom to force the cgi.pm return value to a true ''
so the differences between it and undef don't bite you unexpectedly.
I'll try to be more on topic with my responses from now on.
undef acts for all intents and purposes the same as an empty string.
If you have warnings on, you'll get messages when you use it as an
empty string, but you would have got a message on that first
concatenate as well.
Very true, and sorry this post is not very clear, lucid or representative
of what I was thinking. Not the best of contributions on my part, and
I'm sorry for anyone I've confused. I will improve. I promise :)
Thank you Randal for being there giving me a standard to improve to.
--
Perl, because 600 billion oysters can't be wrong
Canadian Consulting Services' pet perl hacker
David Labatte [EMAIL PROTECTED]
Re: if statement printing when it shouldnt :)
[EMAIL PROTECTED] wrote:
: if ( $viewtag = 1 ) {
: print The value of \$view was $view\np;
: }
:
: i would have thought that the second statement would not print since the
: form had not been submitted. however, instead, the if statements' print
: does get stuck into the html.
A pernicious little bug: you're using = when you want ==.
Also, it's a numerical comparison, so there's no need to quote the 1:
if ($viewtag == 1) {
or better yet,
if (1 == $viewtag) {
The second one is a compile error if you use =.
-- tdk
REPOST: Regex compilation in mod_perl?
Hi all,
I'm trying to write a script to retrieve a list of URLs, search them for a
list of words and print the results. I wrote it first as a standalone script
and got it working, but when I converted it to a web page it no longer works
properly.
The data is typed into two TEXTAREAs, one url or string to a line. The url of
the script when called looks like this:
http://fw/cgi-bin/searchweb.pl?PAGES=http%3A%2F%2Fwww.colossalrecords.com.au%
2Fnewrelease-page.htm%0D%0Ahttp%3A%2F%2Fwww.bonzairecords.com%2Fcatalogue.htm
STRINGS=Rush%0D%0AHold+ItSearch=Search
Since the data is string\n\rstring I figured I could use split /^/ to
separate out the individual strings. There's probably an easier way to do it
though... the split seems to work correctly, and both @strings and %content
get filled apparently ok.
The problem is that it only returns some of the results that it should. If a
page only contains one of the strings, it will return none. If the page
contains many of the strings, it will only return one. I have a
feeling that it's something really obvious but I can't see what it is.
I've tried different parameters on the regex and adding a reset after each
string to no effect.
Can anyone see what could be causing the problem?
Thanks for your help,
Len
Here's the script. Thanks to Curtis for adding use strict and my vars.
#!/usr/bin/perl -w
# search for each of a number of strings in a number of web pages
use strict;
use CGI;
require LWP::UserAgent;
my $q = new CGI;
my $textstr = $q-param('STRINGS');
my $pages = $q-param('PAGES');
my @strings;
my $i = 0;
my $ua = new LWP::UserAgent;
my %content;
print $q-header(-expires='-1d');
print EOH;
html
titleSearch results/title
body bgcolor=ff
h1Search results/h1
EOH
foreach my $line (split /^/, $textstr) {
chomp $line;
$strings[$i] = $line;
$i++;
}
foreach my $line (split /^/, $pages) {
chomp $line;
my $request = new HTTP::Request(GET = $line);
print Loading $linebr;
my $response = $ua-request($request);
if ($response-is_success) {
$content{$line} = $response-content;
} else {
print bError: $line.$response-status_line./bbr;
}
}
print brSearchingbr;
foreach my $page (keys %content) {
print $page.br;
foreach $string (@strings) {
# \Q deals with () in pattern
if ($content{$page} =~ /\Q$string/g) {
print 'blockquote'.$string.' found/blockquote';
}
# worth a try
reset;
}
}
print EOF;
/body
/html
EOF
