date:20021210

use_named_parameters()

2002-12-10 Thread Kris Gaethofs

Hi,

I have this problem and don't immediately know the sollution. I would 
like perl to use named parameters only while doing cgi scripting. To 
force this I use the following code:

#!/opt/bin/perl -Tw

use CGI;
use strict;

my $q = CGI-new();
$q-use_named_parameters(1);

etc...

However, it doesn't work. Perl complains with the following code:

Undefined subroutine CGI::use_named_parameters

How does it work?

Greets,

Kris
--
-
Kris Gaethofs
Labo Kwantumchemie
Celestijnenlaan 200F
B-3001 Heverlee (Leuven)
Tel: +32 16 32 78 03 Fax: +32 16 32 79 92
Email: [EMAIL PROTECTED]
-



--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

can we use system() inside cgi ?

2002-12-10 Thread Admin-Stress

I got this error :

[error] [client 10.0.0.88] Insecure $ENV{PATH} while running setuid at
/var/www/cgi-bin/ifcfg_rh80.pl line 60., referer: 
http://10.0.0.50/cgi-bin/editconfig.pl

And line 60 of ifcfg_rh80.pl is :

   system(/sbin/ifdown $device);
   sleep 2;
   system(/sbin/ifup $device);

I chmoded +s both editconfig.pl and ifcfg_rh80.pl.

And I installed suid-perl ...

Anything else that I can do? I made a cgi to change server ip address.

Thanks.


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Handling =

2002-12-10 Thread Larry Coffin


Well, I'm not all that familiar with the CGI.pm html generation
functions, but if they simply generate HTML elements, there should be no
reason you can't mix CGI.pm calls with your own html code. Something like:


---
#!/usr/bin/perl

use CGI;
$q = new CGI;

open(OUTPUTFILE, STDOUT) || die $!; # just for testing

print OUTPUTFILE $q-header;
print OUTPUTFILE $q-start_html('Application');

print OUTPUTFILE $q-center(
$q-h2(My Company Name),
$q-p($q-strong(Application)),
);

print OUTPUTFILE END_OF_FORM;
form action=handle_form.cgi method=POST



/form
END_OF_FORM


print OUTPUTFILE $q-end_html();



This tested just fine for me.

Also, your second example should work fine as well -- just use
CGI.pm for variable processing and do all the output yourself. That's how I
generally do it!

Another little trick you can do with this for here print syntax
and html output is great for keeping your program code nice and indented
without affecting the way your html code is displayed:

sub Something {

printEND_OF_FORM; # note that is a tab not spaces ...
html
head
titleSomething/title
/head
body 
.
/body
/html
END_OF_FORM
# ... which matches the tab there at the start of the preceeding line
}


---Larry


At 1:10 PM -0500 12/10/02, John Stokes wrote:
Really?

How could I mix something like:

print OUTPUTFILE $q-start_html('Application');
print OUTPUTFILE $q-center(
$q-h2(My Company Name),
$q-p($q-strong(Application)),
);

print OUTPUTFILE $q-p(Applicant's Name: ,$q-b($q-param(Name));

With something like print  End_of_form? Isn't that producing two HTML
headers, which is illegal?

...unless I just use CGI.pm for variable processing. Hmmm. Would this work?

use CGI;
my $q = new CGI();

print OUTPUTFILE  End_of_form

BMy Company Name/B
Applicant's Name: $q-param(Name)

End_of_form

??

If that's a legal syntax, then that solves my problem!

Thanks all!

-John


++
| Larry Coffin, G.P.H. Watertown, MA |
| http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
++

Hofstadter's Law:
It always takes longer than you expect, even when you take
Hofstadter's Law into account.


-



-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Installing CGI.pm in RedHat 8.0.

2002-12-10 Thread fliptop

On Tue, 10 Dec 2002 at 06:51, Admin-Stress opined:

A:I dont know why, in my OTHER RedHat 8.0 installation, I cant find
A:CGI.pm. I did install perl5.8.0.
A:
A:Anyone know how to install it? I looked in cpan, it seems it's default
A:perl module. And I cant find any installer for it.
A:
A:Is it OK if I just copy CGI.pm from cpan? into 
A:
A:/usr/lib/perl5/5.8.0/CGI.pm
A:
A:but, what is /usr/lib/perl5/5.8.0/CGI ? Because I saw in my other redhat
A:8.0 box there are two files :
[snip]

rpm -qa | grep CGI


-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: use_named_parameters()

2002-12-10 Thread Larry Coffin

$q-use_named_parameters(1);

Looks like that was removed in CGI.pm version 2.57.

---Larry


++
| Larry Coffin, G.P.H. Watertown, MA |
| http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
++

Hofstadter's Law:
It always takes longer than you expect, even when you take
Hofstadter's Law into account.


-



-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Handling =

2002-12-10 Thread John Stokes

Nope, no luck.

When I use something like:

Print  End_form;

Name: $q-param(name)

End_form


My output looks like:

Name: CGI=HASH(0x6590)-param(name)


I think I tried this before and that's why I didn't use CGI.pm for variable
processing.

But hey... I'm open to correction!

-John

On 12/10/02 10:31 AM, Larry Coffin [EMAIL PROTECTED] wrote:

 
 Well, I'm not all that familiar with the CGI.pm html generation
 functions, but if they simply generate HTML elements, there should be no
 reason you can't mix CGI.pm calls with your own html code. Something like:
 
 
 ---
 #!/usr/bin/perl
 
 use CGI;
 $q = new CGI;
 
 open(OUTPUTFILE, STDOUT) || die $!; # just for testing
 
 print OUTPUTFILE $q-header;
 print OUTPUTFILE $q-start_html('Application');
 
 print OUTPUTFILE $q-center(
 $q-h2(My Company Name),
 $q-p($q-strong(Application)),
 );
 
 print OUTPUTFILE END_OF_FORM;
 form action=handle_form.cgi method=POST
 
 
 
 /form
 END_OF_FORM
 
 
 print OUTPUTFILE $q-end_html();
 
 
 
 This tested just fine for me.
 
 Also, your second example should work fine as well -- just use
 CGI.pm for variable processing and do all the output yourself. That's how I
 generally do it!
 
 Another little trick you can do with this for here print syntax
 and html output is great for keeping your program code nice and indented
 without affecting the way your html code is displayed:
 
 sub Something {
 
 print END_OF_FORM; # note that is a tab not spaces ...
 html
 head
 titleSomething/title
 /head
 body 
 .
 /body
 /html
 END_OF_FORM
 # ... which matches the tab there at the start of the preceeding line
 }
 
 
 ---Larry
 
 
 At 1:10 PM -0500 12/10/02, John Stokes wrote:
 Really?
 
 How could I mix something like:
 
 print OUTPUTFILE $q-start_html('Application');
 print OUTPUTFILE $q-center(
 $q-h2(My Company Name),
 $q-p($q-strong(Application)),
 );
 
 print OUTPUTFILE $q-p(Applicant's Name: ,$q-b($q-param(Name));
 
 With something like print  End_of_form? Isn't that producing two HTML
 headers, which is illegal?
 
 ...unless I just use CGI.pm for variable processing. Hmmm. Would this work?
 
 use CGI;
 my $q = new CGI();
 
 print OUTPUTFILE  End_of_form
 
 BMy Company Name/B
 Applicant's Name: $q-param(Name)
 
 End_of_form
 
 ??
 
 If that's a legal syntax, then that solves my problem!
 
 Thanks all!
 
 -John
 
 
 ++
 | Larry Coffin, G.P.H. Watertown, MA |
 | http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
 ++
 
 Hofstadter's Law:
 It always takes longer than you expect, even when you take
 Hofstadter's Law into account.
 
 
 -
 

-- 
-John Stokes
Computer Psychiatrist (Director of Information Technology)
Church Resource Ministries
[EMAIL PROTECTED]

Three Pillars: Humility, Communication, Balance


-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Handling =

2002-12-10 Thread Larry Coffin

Print  End_form;

Name: $q-param(name)

End_form

That's because you can't execute perl code within this construct.
It is essentially a double quoted string that just happens to span multiple
lines. So, this doesn't work just like:

print Name $q-param('name')\n;

won't work the way you want it to.

You have to get the value in a variable first:

$name = $q-param('name');

print End_form;

Name: $name

End_form


---Larry


++
| Larry Coffin, G.P.H. Watertown, MA |
| http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
++

Money is the root of all evil, and man needs roots


-



-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Handling =

2002-12-10 Thread John Stokes

Ah yes... That makes sense.

That's the solution I've used in other cases (for instance, resolving a CGI
param to a path.) Unfortunately, it's not really practical to define a bunch
of temporary variables for a form that may have hundreds (literally) of
input fields.

So, it looks like I'm back to where I was before: splitting the string on 
before I process %26.

That's still OK. It's a better solution than what I'm doing now.

Thanks again all (esp. Larry).

-John

On 12/10/02 11:03 AM, Larry Coffin [EMAIL PROTECTED] wrote:

 Print  End_form;
 
 Name: $q-param(name)
 
 End_form
 
 That's because you can't execute perl code within this construct.
 It is essentially a double quoted string that just happens to span multiple
 lines. So, this doesn't work just like:
 
 print Name $q-param('name')\n;
 
 won't work the way you want it to.
 
 You have to get the value in a variable first:
 
 $name = $q-param('name');
 
 print End_form;
 
 Name: $name
 
 End_form
 
 
 ---Larry
 
 
 ++
 | Larry Coffin, G.P.H. Watertown, MA |
 | http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
 ++
 
 Money is the root of all evil, and man needs roots
 
 
 -
 

-- 
-John Stokes
Computer Psychiatrist (Director of Information Technology)
Church Resource Ministries
[EMAIL PROTECTED]

Three Pillars: Humility, Communication, Balance


-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Handling =

2002-12-10 Thread Larry Coffin

At 2:15 PM -0500 12/10/02, John Stokes wrote:
Ah yes... That makes sense.

That's the solution I've used in other cases (for instance, resolving a CGI
param to a path.) Unfortunately, it's not really practical to define a bunch
of temporary variables for a form that may have hundreds (literally) of
input fields.

Doing that is probably going to be easier than writing really
robust query string code. If you are worried about keeping your code short
and sweet, then use a hash:

foreach my $key ($q-param()) {
$form_data{$key} = $q-param($key);
}

Or even (according to the man page, although I haven't used it):

%form_data = $q-Vars();

Be careful though, in that these simple cases won't handle
multi-value values quite the way you might expect.


Then you can call values by name when/if you need them:

print FORM_END

Name: $form_data{'name'}

FORM_END

---Larry

So, it looks like I'm back to where I was before: splitting the string on 
before I process %26.

That's still OK. It's a better solution than what I'm doing now.

Thanks again all (esp. Larry).

-John

On 12/10/02 11:03 AM, Larry Coffin [EMAIL PROTECTED] wrote:

 Print  End_form;

 Name: $q-param(name)

 End_form

 That's because you can't execute perl code within this construct.
 It is essentially a double quoted string that just happens to span multiple
 lines. So, this doesn't work just like:

 print Name $q-param('name')\n;

 won't work the way you want it to.

 You have to get the value in a variable first:

 $name = $q-param('name');

 print End_form;

 Name: $name

 End_form


 ---Larry


 ++
 | Larry Coffin, G.P.H. Watertown, MA |
 | http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
 ++

 Money is the root of all evil, and man needs roots


 -


--
-John Stokes
Computer Psychiatrist (Director of Information Technology)
Church Resource Ministries
[EMAIL PROTECTED]

Three Pillars: Humility, Communication, Balance


--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



++
| Larry Coffin, G.P.H. Watertown, MA |
| http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
++

Money is the root of all evil, and man needs roots


-



-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Handling =

2002-12-10 Thread John Stokes

Oh! Didn't think about that.

Yes, that looks like a very workable solution.

Thanks again.

-John

On 12/10/02 11:33 AM, Larry Coffin [EMAIL PROTECTED] wrote:

 At 2:15 PM -0500 12/10/02, John Stokes wrote:
 Ah yes... That makes sense.
 
 That's the solution I've used in other cases (for instance, resolving a CGI
 param to a path.) Unfortunately, it's not really practical to define a bunch
 of temporary variables for a form that may have hundreds (literally) of
 input fields.
 
 Doing that is probably going to be easier than writing really
 robust query string code. If you are worried about keeping your code short
 and sweet, then use a hash:
 
 foreach my $key ($q-param()) {
 $form_data{$key} = $q-param($key);
 }
 
 Or even (according to the man page, although I haven't used it):
 
 %form_data = $q-Vars();
 
 Be careful though, in that these simple cases won't handle
 multi-value values quite the way you might expect.
 
 
 Then you can call values by name when/if you need them:
 
 print FORM_END
 
 Name: $form_data{'name'}
 
 FORM_END
 
 ---Larry
 
 So, it looks like I'm back to where I was before: splitting the string on 
 before I process %26.
 
 That's still OK. It's a better solution than what I'm doing now.
 
 Thanks again all (esp. Larry).
 
 -John
 
 On 12/10/02 11:03 AM, Larry Coffin [EMAIL PROTECTED] wrote:
 
 Print  End_form;
 
 Name: $q-param(name)
 
 End_form
 
 That's because you can't execute perl code within this construct.
 It is essentially a double quoted string that just happens to span multiple
 lines. So, this doesn't work just like:
 
 print Name $q-param('name')\n;
 
 won't work the way you want it to.
 
 You have to get the value in a variable first:
 
 $name = $q-param('name');
 
 print End_form;
 
 Name: $name
 
 End_form
 
 
 ---Larry
 
 
 ++
 | Larry Coffin, G.P.H. Watertown, MA |
 | http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
 ++
 
 Money is the root of all evil, and man needs roots
 
 
 -
 
 
 --
 -John Stokes
 Computer Psychiatrist (Director of Information Technology)
 Church Resource Ministries
 [EMAIL PROTECTED]
 
 Three Pillars: Humility, Communication, Balance
 
 
 --
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 
 
 
 ++
 | Larry Coffin, G.P.H. Watertown, MA |
 | http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
 ++
 
 Money is the root of all evil, and man needs roots
 
 
 -
 

-- 
-John Stokes
Computer Psychiatrist (Director of Information Technology)
Church Resource Ministries
[EMAIL PROTECTED]

Three Pillars: Humility, Communication, Balance


-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: can we use system() inside cgi ?

2002-12-10 Thread Admin-Stress

I did read it, but still dont understand. What does tainted means? 

I changed my cgi like this :

   #!/usr/bin/suidperl

Then :

   chown root:root saveconfig.pl
   chmod 755 saveconfig.pl

It's now 'partly working', it can changed the content of /etc/sysconfig/... by 
overwriting it's
content (open ... print ... close).

But, still, I cant executing /sbin/ifup /sbin/ifdown.

Basically, I dont know the way suidperl working nor executing cgi which neeed root 
permission.

That work around I just found it with trial and error. If someone could explain or 
just tell me
what should I do in terms of permission setting or modification. What I need is just :

   overwriting /etc/sysconfig/...
   executing /sbin/ifup /sbin/ifdown

I must finish this project the day after tomorrow :((

Thanks.
kapot

--- [EMAIL PROTECTED] wrote:
 You need to read up on tainted variables, I think.
 
 perldoc perlsec
 
 The problem isn't that it is a CGI, pretty sure the problem is that it is setuid.
 
 http://danconia.org
 
 
 On Tue, 10 Dec 2002 07:20:16 -0800 (PST), Admin-Stress [EMAIL PROTECTED] wrote:
 
  I got this error :
  
  [error] [client 10.0.0.88] Insecure $ENV{PATH} while running setuid at
  /var/www/cgi-bin/ifcfg_rh80.pl line 60., referer: 
http://10.0.0.50/cgi-bin/editconfig.pl
  
  And line 60 of ifcfg_rh80.pl is :
  
 system(/sbin/ifdown $device);
 sleep 2;
 system(/sbin/ifup $device);
  
  I chmoded +s both editconfig.pl and ifcfg_rh80.pl.
  
  And I installed suid-perl ...
  
  Anything else that I can do? I made a cgi to change server ip address.
  
  Thanks.


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: can we use system() inside cgi ?

2002-12-10 Thread Peter Kappus

I don't know much about suidperl but if I were doing this, I probably
wouldn't give root privileges to my CGI.  If it doesn't need to happen
instantaneously, I'd consider a two-step approach: (of course, it probably
does need to run instantaneously since you're doing it as a CGI anyway...)

Instead of doing everything from the CGI, what I would do is write one Perl
CGI to gather your config input from the user and write it to a file. Then,
create a second script which will take run as root (as a cron job?) and read
the config file written by your first script and act accordingly.  Of
course, this is extremely slow and inefficient but seems more secure than
giving root access to your CGI.  Besides, if you can't get the other way to
work, I think this might do the trick.  But again, I'm sure there's a more
elegant solution.  I'd still like to know what suid perl is and why it won't
let you run /sbin/ifup|ifdown.  It might be just a simple environment thing
where the script can't find ifup Are you calling it as ifup or /sbin/ifup?

good luck!

-peter


-Original Message-
From: Admin-Stress [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 10, 2002 1:29 PM
To: perl cgi
Subject: RE: can we use system() inside cgi ?


I did read it, but still dont understand. What does tainted means? 

I changed my cgi like this :

   #!/usr/bin/suidperl

Then :

   chown root:root saveconfig.pl
   chmod 755 saveconfig.pl

It's now 'partly working', it can changed the content of /etc/sysconfig/...
by overwriting it's
content (open ... print ... close).

But, still, I cant executing /sbin/ifup /sbin/ifdown.

Basically, I dont know the way suidperl working nor executing cgi which
neeed root permission.

That work around I just found it with trial and error. If someone could
explain or just tell me
what should I do in terms of permission setting or modification. What I need
is just :

   overwriting /etc/sysconfig/...
   executing /sbin/ifup /sbin/ifdown

I must finish this project the day after tomorrow :((

Thanks.
kapot

--- [EMAIL PROTECTED] wrote:
 You need to read up on tainted variables, I think.
 
 perldoc perlsec
 
 The problem isn't that it is a CGI, pretty sure the problem is that it is
setuid.
 
 http://danconia.org
 
 
 On Tue, 10 Dec 2002 07:20:16 -0800 (PST), Admin-Stress
[EMAIL PROTECTED] wrote:
 
  I got this error :
  
  [error] [client 10.0.0.88] Insecure $ENV{PATH} while running setuid at
  /var/www/cgi-bin/ifcfg_rh80.pl line 60., referer:
http://10.0.0.50/cgi-bin/editconfig.pl
  
  And line 60 of ifcfg_rh80.pl is :
  
 system(/sbin/ifdown $device);
 sleep 2;
 system(/sbin/ifup $device);
  
  I chmoded +s both editconfig.pl and ifcfg_rh80.pl.
  
  And I installed suid-perl ...
  
  Anything else that I can do? I made a cgi to change server ip address.
  
  Thanks.


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: can we use system() inside cgi ?

2002-12-10 Thread Admin-Stress

Thanks Peter,

I was thinking about it too ... changing the content of interface configuration (in
/etc/sysconfic/...), then by using cron job, make the change happen. But still, how 
often I must
run the cron? I was thinking like every 10 seconds? hmm not good idea because this 
process will
not happen too often (why would someone keep changing ip address of an interface? :D).

As of my cgi, yes, I use full path - system(/sbin/ifup .$device);

I found another workaround by setting $ENV('PATH') = /sbin; But I got different 
error :

Tue Dec 10 17:10:28 2002] [error] [client 10.0.0.88] Users cannot control this
device., referer: http://10.0.0.50/cgi-bin/editconfig.pl

Someone suggested me to change to $ENV('PATH') = ; Hmmm... another trial and error :(

This is something new to me, executing cgi that needs root permission. Before I use
#!/usr/bin/suidperl, I can NOT change any file in /etc/sysconfig. The cgi (or even 
just a perl
script) run without error, but it did not alter the file ...

Regards,
kapot.

--- Peter Kappus [EMAIL PROTECTED] wrote:
[..deleted..]
 Instead of doing everything from the CGI, what I would do is write one Perl
 CGI to gather your config input from the user and write it to a file. Then,
 create a second script which will take run as root (as a cron job?) and read
 the config file written by your first script and act accordingly.  
[..deleted..]
 where the script can't find ifup Are you calling it as ifup or /sbin/ifup?
 
 good luck!
 
 -peter
 
 
 -Original Message-
 From: Admin-Stress [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, December 10, 2002 1:29 PM
 To: perl cgi
 Subject: RE: can we use system() inside cgi ?
 
 
 I did read it, but still dont understand. What does tainted means? 
 
 I changed my cgi like this :
 
#!/usr/bin/suidperl
 
 Then :
 
chown root:root saveconfig.pl
chmod 755 saveconfig.pl
 
 It's now 'partly working', it can changed the content of /etc/sysconfig/...
 by overwriting it's
 content (open ... print ... close).
 
 But, still, I cant executing /sbin/ifup /sbin/ifdown.
 
 Basically, I dont know the way suidperl working nor executing cgi which
 neeed root permission.
 
 That work around I just found it with trial and error. If someone could
 explain or just tell me
 what should I do in terms of permission setting or modification. What I need
 is just :
 
overwriting /etc/sysconfig/...
executing /sbin/ifup /sbin/ifdown
 
 I must finish this project the day after tomorrow :((
 
 Thanks.
 kapot
 
 --- [EMAIL PROTECTED] wrote:
  You need to read up on tainted variables, I think.
  
  perldoc perlsec
  
  The problem isn't that it is a CGI, pretty sure the problem is that it is
 setuid.
  
  http://danconia.org
  
  
  On Tue, 10 Dec 2002 07:20:16 -0800 (PST), Admin-Stress
 [EMAIL PROTECTED] wrote:
  
   I got this error :
   
   [error] [client 10.0.0.88] Insecure $ENV{PATH} while running setuid at
   /var/www/cgi-bin/ifcfg_rh80.pl line 60., referer:
 http://10.0.0.50/cgi-bin/editconfig.pl
   
   And line 60 of ifcfg_rh80.pl is :
   
  system(/sbin/ifdown $device);
  sleep 2;
  system(/sbin/ifup $device);
   
   I chmoded +s both editconfig.pl and ifcfg_rh80.pl.
   
   And I installed suid-perl ...
   
   Anything else that I can do? I made a cgi to change server ip address.
   
   Thanks.


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: How to get the biggest integers from an array?

2002-12-10 Thread Geraint Jones

Use the sort function:

print sort @array;

and for largest number first use:

print reverse sort @array;

For your particular problem:

@sorted_array = reverse sort @array;
foreach (@sorted_array)
{
# whatever you want to do with each number goes here
}

This kind of problem is usually covered in most beginners Perl books. Might be 
wise to invest in one ;-)

On Tuesday 10 December 2002 1:09 pm, Mystik Gotan wrote:
 Hiya,

 I'm in search for a solution. Let's say I have this array:

 @array (5, 6, 7, 89, 1, 0, 456, 298023, 56);

 Now, how can I get the biggest integers from this array and give them a
 string with their place. Let's say I have a foreach loop where I checked
 all the biggest integers (however, I don't know how) and I give them all a
 string like:

 $website_76 = 1; # position 1
 $website_87 = 2; # position 2

 --
 Bob Erinkveld (Webmaster Insane Hosts)
 www.insane-hosts.net
 MSN: [EMAIL PROTECTED]




 _
 Ontvang je Hotmail  Messenger berichten op je mobiele telefoon met Hotmail
 SMS http://www.msn.nl/jumppage/

-- 
Geraint Jones

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: How to get the biggest integers from an array?

2002-12-10 Thread Mystik Gotan

Oh, no, actually, I know quite about Perl. The problem is, I hardly have got 
any experience in programming, I read a lot. I've got 3 perl books and 
wasn't just thinking at the idea of using sort(). Thanks guys.



--
Bob Erinkveld (Webmaster Insane Hosts)
www.insane-hosts.net
MSN: [EMAIL PROTECTED]





From: Geraint Jones [EMAIL PROTECTED]
To: Mystik Gotan [EMAIL PROTECTED], [EMAIL PROTECTED],   
[EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: How to get the biggest integers from an array?
Date: Tue, 10 Dec 2002 14:39:42 +

Use the sort function:

	print sort @array;

and for largest number first use:

	print reverse sort @array;

For your particular problem:

	@sorted_array = reverse sort @array;
	foreach (@sorted_array)
	{
		# whatever you want to do with each number goes here
	}

This kind of problem is usually covered in most beginners Perl books. Might 
be
wise to invest in one ;-)

On Tuesday 10 December 2002 1:09 pm, Mystik Gotan wrote:
 Hiya,

 I'm in search for a solution. Let's say I have this array:

 @array (5, 6, 7, 89, 1, 0, 456, 298023, 56);

 Now, how can I get the biggest integers from this array and give them a
 string with their place. Let's say I have a foreach loop where I checked
 all the biggest integers (however, I don't know how) and I give them all 
a
 string like:

 $website_76 = 1; # position 1
 $website_87 = 2; # position 2

 --
 Bob Erinkveld (Webmaster Insane Hosts)
 www.insane-hosts.net
 MSN: [EMAIL PROTECTED]




 _
 Ontvang je Hotmail  Messenger berichten op je mobiele telefoon met 
Hotmail
 SMS http://www.msn.nl/jumppage/

--
Geraint Jones

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


_
MSN Zoeken, voor duidelijke zoekresultaten! 
http://search.msn.nl/worldwide.asp


--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Handling =

2002-12-10 Thread Octavian Rasnita

You can use the CGI module this way:

use CGI;
my $q = new CGI;
my $username = $q - param('username');
my $password = $q - param ('password');
...

#That's all with the CGI module.
#Now you can use the normal HTML style of printing the page:

print end_of_page;

lot of html

end_of_page

This way you won't need to remember all the CGI functions for generating
HTML, but only the functions for getting the data from forms, and eventually
for setting some headers, etc.


Teddy,
Teddy's Center: http://teddy.fcc.ro/
Email: [EMAIL PROTECTED]

- Original Message -
From: John Stokes [EMAIL PROTECTED]
To: Larry Coffin [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, December 10, 2002 8:10 PM
Subject: Re: Handling  =


Really?

How could I mix something like:

print OUTPUTFILE $q-start_html('Application');
print OUTPUTFILE $q-center(
$q-h2(My Company Name),
$q-p($q-strong(Application)),
);

print OUTPUTFILE $q-p(Applicant's Name: ,$q-b($q-param(Name));

With something like print  End_of_form? Isn't that producing two HTML
headers, which is illegal?

...unless I just use CGI.pm for variable processing. Hmmm. Would this work?

use CGI;
my $q = new CGI();

print OUTPUTFILE  End_of_form

BMy Company Name/B
Applicant's Name: $q-param(Name)

End_of_form

??

If that's a legal syntax, then that solves my problem!

Thanks all!

-John


On 12/10/02 9:39 AM, Larry Coffin [EMAIL PROTECTED] wrote:

 In terms of why reinvent the wheel, I prefer not to use CGI.pm for
simple
 form processing because it prevents me from doing something like

 print  End_of_form

 ...lots of HTML code...

 End_of_form

 It does? Then I must be programming in something other than Perl
 because I use that all the time! :)

 Of course I only use CGI.pm for form processing, not form
 generation, so I don't know what happens if you try to mix the print
 END_PRINT syntax with calls to CGI.pm's form generation functions.

 ---Larry


 ++
 | Larry Coffin, G.P.H. Watertown, MA |
 | http://www.PointInfinity.com/lcoffin/[EMAIL PROTECTED] |
 ++

 Hofstadter's Law:
 It always takes longer than you expect, even when you take
 Hofstadter's Law into account.


 -



--
-John Stokes
Computer Psychiatrist (Director of Information Technology)
Church Resource Ministries
[EMAIL PROTECTED]

Three Pillars: Humility, Communication, Balance


--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

use_named_parameters()

can we use system() inside cgi ?

Re: Handling =

Re: Installing CGI.pm in RedHat 8.0.

Re: use_named_parameters()

Re: Handling =

Re: Handling =

Re: Handling =

Re: Handling =

Re: Handling =

RE: can we use system() inside cgi ?

RE: can we use system() inside cgi ?

RE: can we use system() inside cgi ?

Re: How to get the biggest integers from an array?

Re: How to get the biggest integers from an array?

Re: Handling =

16 matches

Site Navigation

Mail list logo

Footer information