Re: Extracting links. - without modules

2005-01-17 Thread Alexander Blüm 
On Sun, 16 Jan 2005 18:36:09 +0500
"Sara" <[EMAIL PROTECTED]> wrote:

> I am trying to extract links along with HTML tags  from a
> list, but it's not working on my XP machine with Active State Perl
> 5.0.6 Kindly help.
> 
> # CODE START 
> 
> my @array = qq|
> http://www.mydomain.com";> src="http://www.mydomain.com/images/logo2.gif";>|;#extract LINKS
> (no image links) only http://www.mydomain.com";>
> 
> my @get = grep {//} @array;
> print "@get\n"
> 
> ### CODE END ###
> 
> Thanks,
> 
> Sara.
> 

this is also possible _without_ any modules, except maybe "strict".

# this will replace the contents of each match in @get
foreach(@array){
  my @get = $_ =~ //g;
}

or: 

# this will add each match to @get
my @get = ();
foreach(@array){
  push @get, $_ =~ //g;
}


-- 
Cheers,
  Alex

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: CPU load/server resources.

2004-07-14 Thread Alexander Blüm 
On Tue, 13 Jul 2004 15:30:36 -0600
"Wiggins d Anconia" <[EMAIL PROTECTED]> wrote:

> > 
> > I had a script for which my previous host cancelled my account
> > saying
> it's a resource hog and using more than 50% resources of the server
> (shared hosting).
> > 
> > Yep, there were some faults in the script. I modified it and they
> restored the account.
> > 
> > But now I am looking for some script/subroutine within the script
> > that
> can give me the CPU/resource usage when the script runs?
> > 
> > I have NO idea about it.
> > 
> > Can anyone help me with it?
> 
> This tends to be a very system dependent thing.   I find it odd that
> you would need to run a script in such an environment, isn't that what
> the hoster does?  Or are you talking about the resource usage of the
> script specifically?
> 
> In any case, give us more information about your platform.  If it is
> Unix can you read from /proc?

yes, use:

**
open (F, ";
close F;
print join("\n",@content), "\n";
**

all YOU need to find out now is what what each element means... and
share your wisdom with us. well, I'd like to know. ;)


> How were you doing this previously?  You state that you fixed the
> script and the account was reactivated, are you looking for further
> improvements?  If so, post the script
> 
> Help us to help you...
> 
> http://danconia.org
> 
> -- 
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>  
> 
> 


cheers,
  Alex

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Data encryption

2004-05-14 Thread Alexander Blüm 
On Fri, 14 May 2004 09:25:27 +0100
David Dorward <[EMAIL PROTECTED]> wrote:

> On 14 May 2004, at 08:33, Werner wrote:
> > I've got a form that makes use of the GET method to provide the cgi 
> > script with details. My problem is that you can see all of the
> > fields  being posted. i.e.
> >
> > /people.cgi? 
> > surname=TestSurname&forename=TestName&location=TestLocation&phone=T
> > estP honeNumber&search=+Search+
> >
> > is there any way that I make sure these details are not seen or to
> > be  encrypted in some way?
> 
> Well, you could use POST (not that that makes it impossible for the  
> user to see the data, it just doesn't encode it in the URL). This
> would  break the ability of the user to bookmark the results page (and
> post is  explicitly for http requests which change something on the
> server) so  that wouldn't be a good idea.
> 
> You could also use client side scripting (ha ha) to run the data  
> through some encoding algorithm, then reverse it in the Perl. This  
> would break the moment someone tried to use it without client side  
> scripting enabled, so it also a bad idea.
> 
> I can't think why you would want to hide this information; the user  
> has, presumably, typed it into a search form and thus already knows
> it!
> 
> --
> David Dorward
>   
> 
> 


better yet:
use SSL (I mean the apache module) or any other secure data transport
layer.

cheers,
  Alex

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: CGI Script to annoy script kiddies.

2004-02-06 Thread Alexander Blüm 
NICE!!! 
I really like this! 
I'm not sure about security - but it seems fairly safe, since no real
system interaction is implemented... nice, real nice script - I'll have
some fun with it ;)

BUT, the logs will grow... 



On Thu,  5 Feb 2004 15:46:55 -0500
Carl Fischer <[EMAIL PROTECTED]> wrote:

> I just put together this script to annoy script kiddies looking for
> cmd.exe on my Linux-based web server.  Just wanted to know what people
> thought about its security.  AFAIK, it's pretty safe.  Also, new
> commands and responses are appreciated.
> 
>  - Carl
> 
> 
> #!/usr/bin/perl -T
> #
> #  Written by Carl Fischer <[EMAIL PROTECTED]>
> #
> #  GNU license.
> #
> #  This is a web server CGI designed to pretend to be cmd.exe
> #  I'm not an expert in perl scripting security, so no guarantees as
> to its #  safety.  I think it's pretty safe though.  
> #
> 
> print "Content-type: text/plain\n\n";
> 
> 
> if (defined $ARGV[0] == FALSE) {
>   # This flushes STDOUT after every command (I hope).
>   $|=1;
>   # if no argument is given, make it look like we've hung at C:\>
>   print <  Microsoft(R) Windows NT(TM)
>  (C) Copyright 1985-1996 Microsoft Corp.
> 
> EOF
>   ; 
>   print 'C:\>  '; 
>   sleep 30;
> } else {
>   if ($ARGV[0] =~ /\/c/i) {
> # Handle those obnoxious dir requests.
> if ($ARGV[1] eq 'dir') {
>   $dir = 'C:\\';
> 
>   # If any other path to dir is specified, say we can't find it.
>   unless ( (defined $ARGV[2] == FALSE) || ($ARGV[2] =~ /^C:.?$/i)
>   ) {
> if ($ARGV[2] =~ /[ABD-Gabd-g]:/) {
>   print "The device is not ready\n";
> } else {
>   print "The system cannot find the file specified.\n\n";
> }
>   } else {
>   # if no path is given, produce this output.
>   print <  Volume in drive C is BAIT
>  Volume Serial Number is A33B-666A
> 
>  Directory of $dir
> 
> 06/02/01  12:02p  WINNT
> 09/23/03  12:43p  pdf995
> 06/02/01  12:04p  Program Files
> 06/02/01  12:05p 0 CONFIG.SYS
> 06/02/01  12:05p 0 AUTOEXEC.BAT
> 06/02/01  12:38p  Windows Update Setup Files
> 09/23/03  02:03p  My Documents
> 01/16/04  04:26a   333 GatorPdpPlg.log
> 09/17/03  11:57p  Users
> 09/19/03  02:33p  My Downloads
> 06/02/01  05:57p 0 temp.ps
> 02/03/04  02:14p   278,921,216 pagefile.sys
> 09/11/01  04:45p  My Music
> 02-05-04  8:30a  0 You Are a LUSER now go away.txt
>   14 File(s)  2,138,598 bytes
>  20,101,311,488 bytes free
> EOF
> ; 
>   }
> } elsif ($ARGV[1] eq 'type' ) {
> # the next logical thing to do is type a file.
>   if (defined $ARGV[2]) {
> print "The system cannot find the file specified\n";
>   } else {
> print "The syntax of the command is incorrect.\n";
>   }
> } elsif ($ARGV[1] eq 'copy' ) {
>   if (defined $ARGV[3]) {
> print "1 file(s) copied.\n\n";
>   } else {
> print "The syntax of the command is incorrect.\n";
>   }
> } elsif ($ARGV[1] eq 'tftp') {
>   print "Sorry.  Haven't implemented bullshit response for tftp
>   yet.\n";
> } elsif ($ARGV[1] eq 'echo') {
>   print $ARGV[2]."\n" unless ( join(' ', @ARGV) =~ />/ );
> } elsif ($ARGV[1] eq 'move' ) {
>   print "1 file(s) moved.\n\n"; 
> } elsif ($ARGV[1] eq 'del' ) {
>   print "You're one nasty little son of a bitch, aren't you?!\n";
>   print "I think I'll just keep those files.\n";
>   print "Now, go play with someone else's web server\n\n";
> }
> # If we haven't thought of it, it's a bad command.
> else {
>   print < The name specified is not recognized as an
> internal or external command, operable program or batch file.
> EOF
> ;
>   }
>   } elsif ($ARGV[0] eq '/?') {
> print <<'EOF'  
> Starts a new instance of the Windows/NT command interpreter
> 
> CMD [/X | /Y] [/A | /U] [/Q] [[/C | /K] string]
> 
> /C  Carries out the command specified by string and then
> terminates/K  Carries out the command specified by string but
> remains/Q  Turns the echo off
> /A  Causes the output of internal commands to a pipe or file to be
> ANSI/U  Causes the output of internal commands to a pipe or file
> to be Unicode/T:fg   Sets the foreground/background colors (see COLOR
> /? for more info)/X  Enable extensions to the Windows NT version
> of CMD.EXE/Y  Disable extensions to the Windows NT version of
> CMD.EXE
> 
> Note that multiple commands separated by the command separator '&&'
> are accepted for string if surrounded by quotes
> 
> Command Extensions are enabled by default.  You may also disable
> extensions for all invocations of the command processor by setting the
> following value in the registry to 0
> 
> HKEY_CURRENT_USER\S

Re: Include Files in Perl?

2004-02-03 Thread Alexander Blüm 
that doesn't sound too good. sounds like loading all into memory, split
it up into arrays and then finally printing the contents to the browser.
bleh!

how aout this:

#somewhere in the code:
&include("/includes/header.html");
...
&include("/includes/footer.html");

### subroutine
sub include{
  my $filename = shift;
  open(FH, "<$filename") || die "cannot open $filename: $!\n";
  while (){
print $_;
  }
  close FH;
}



On Tue, 3 Feb 2004 19:37:54 +1100
"Charlie somerville" <[EMAIL PROTECTED]> wrote:

> just use this code:
> 
> ===START CODE===
> $filename="my_file"; #Set the filename
> open(A,$filename) || die "Waaah! The open didn't work: $!"; #Open the
> file in $filename or do what MSWindows always does
> @a=; #Put the filehandle A in the array @a;
> print "Content-Type: text/html\nPragma: No-cache\n\n"; #Take away the
> 'Pragma: No-cache' bit if u want the browser to cache it
> print @a; #Spits it out
> close A; #Close the filehandle (not always neccesary)
> END CODE
> 
> 
> "Seldan" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> > Hello.
> >
> > I have been writing and maintaining a web-based intranet application
> > for some time, primarily written in PHP with the backend written in
> > POSIX
> shell.
> > The pages access a postgreSQL database and I use a bit of JavaScript
> > to
> make
> > things look nice.
> >
> > In effect, it is a typical DB driven app. to help out with system
> > administration, etc.  Lately, I've been teaching myself Perl and
> > have decided to convert some of this to that language to assist in
> > learning.
> So
> > far, it has worked out nicely and I've begun to access modules like
> > Write::Excel, CGI.pm, Pg.pm, etc.
> >
> > However, I am trying to keep this site as modular and easy to
> > maintain as possible and cannot seem to find the right equivalent
> > for a basic PHP"include" or "require" function.  I use several
> > variables that stay the
> same
> > throughout the scripts, and would like to host them in a separate
> > file.
> >
> > Sifting through ideas on this I've come across: SSI, Embperl, Mason,
> > and possibly creating modules to handle this.  All seem like a bit
> > of work, which isn't a problem, I just want to make sure that I'm
> > not missing a simple, obvious way to make this happen!
> >
> > Any thoughts or suggestions are welcome.
> > Thanks.
> > Tom
> >
> >
> 
> 
> 
> -- 
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>  
> 
> 


cheers,
  Alex

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

remote host name

2003-09-14 Thread Alexander Blüm 
hello,

as my subject indicates, I'm looking for a way of resolving the remote 
hostname.
any system command will do too...

I'm planning to write a small script that simply tells the connecting 
user, which DNS name he has, since my localnet is equipped with a dhcp 
server the clients usually get a new address each time.. their new 
address usually looks like this dhcp184.bluemix (bluemix is the domain)...

TIA,

alex.

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Date to seconds

2003-09-11 Thread Alexander Blüm 
Li, Kit-Wing wrote:
Hi,

Does anybody know of a quick method in perl to turn a date string into its
equivalent in seconds, include milliseconds if possible?  
> Ex: 20030910 13:50:25.6 to 1063202644.  Thanks much!

starting when?
I mean, you 1063202644 seconds, and these are
33years : 37weeks : 01day : 14hours : 04minutes : 04seconds

oooh... since 1970 00:00:00

try "print time()";

if you want to convert any other date to seconds since 1970, you will 
have to convert the year, month and day seperately to seconds, don't 
forget, the hours and minutes...

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: md5

2003-07-11 Thread Alexander Blüm 
I solved the problem... not using OO-style, but function-style.

like this:

...
use Digest::MD5 qw(md5_hex);
...
 $r->print( "$pw -> ".md5_hex($pw)."" );
...
*tadaa*



Alexander Blüm wrote:
hello

I ran into an odd problem, that I cannot explain to myself...

I use mod_perl 1.27 and apache 1.3.27... the commandline script works 
perfectly:
perl -mDigest::MD5 -we 'print new Digest::MD5->md5_hex("lol")."\n"'
returns "fe5608e20902819328733f5e672b6af6" each time I run the script.

ok... I added this to my mod_perl script, and whenever I refresh, I get 
different results EACH refresh... that's not the way it's supposed to be...

here is my script that returns a different value each time

##> THE MOD_PERL SCRIPT: <##

#!/usr/bin/perl -w

use strict;
use Digest::MD5;
our $r = shift;
my $md5 = new Digest::MD5;
my $pw = "lol";

$r->no_cache(1);
$r->send_http_header('text/html');
$r->print(&_head("", ""));
$r->print( "$pw -> ".$md5->md5_hex($pw)."" );
$r->print(&_foot());
sub _head{
my $page = shift;
my $sid = shift;
my $output=<
GATWU

XXX
return $output;
}
sub _foot{
my $output=<

XXX
return $output;
}



--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

md5

2003-07-11 Thread Alexander Blüm 
hello

I ran into an odd problem, that I cannot explain to myself...

I use mod_perl 1.27 and apache 1.3.27... the commandline script works 
perfectly:
perl -mDigest::MD5 -we 'print new Digest::MD5->md5_hex("lol")."\n"'
returns "fe5608e20902819328733f5e672b6af6" each time I run the script.

ok... I added this to my mod_perl script, and whenever I refresh, I get 
different results EACH refresh... that's not the way it's supposed to be...

here is my script that returns a different value each time

##> THE MOD_PERL SCRIPT: <##

#!/usr/bin/perl -w

use strict;
use Digest::MD5;
our $r = shift;
my $md5 = new Digest::MD5;
my $pw = "lol";

$r->no_cache(1);
$r->send_http_header('text/html');
$r->print(&_head("", ""));
$r->print( "$pw -> ".$md5->md5_hex($pw)."" );
$r->print(&_foot());
sub _head{
my $page = shift;
my $sid = shift;
my $output=<
GATWU

XXX
return $output;
}
sub _foot{
my $output=<

XXX
return $output;
}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: disabling the use of browser history

2003-07-06 Thread Alexander Blüm 


Octavian Rasnita wrote:
This doesn't work right every time.
A better idea is to put the HTTP headers in the real HTTP header like:
print <<"EOF";
Content-type: text/html
Pragma: no-cache
Cache-control: no-cache
Expires: Thu, 01 Jan, 3200 10:10:10 GMT
EOF
true, now I used

$r->no_cache(1);
$r->send_http_header('text/html');
since I'm using mod_perl, and it does send the wanted headers:
Connecting to 192.168.0.11:80... connected.
HTTP request sent, awaiting response...
 1 HTTP/1.1 200 OK
 2 Date: Sun, 06 Jul 2003 11:40:21 GMT
 3 Server: Apache/1.3.27 (Unix) mod_perl/1.27
 4 Pragma: no-cache
 5 Cache-control: no-cache
 6 Keep-Alive: timeout=15, max=100
 7 Connection: Keep-Alive
 8 Content-Type: text/html
 9 Expires: Sun, 06 Jul 2003 11:40:21 GMT
200 OK
BUT: I can still go back and forth...

The browser I use is Mozilla, maybe that's a different story...

well, I followed the access log, and when I do go back and forth, there 
are really no "GET"'s nor "POST"'s - the browser still chaches the data...

are there other ways?

----- Original Message -
From: "Greenhalgh David" <[EMAIL PROTECTED]>
To: "Alexander Blüm" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Sunday, July 06, 2003 9:17 AM
Subject: Re: disabling the use of browser history





HTH

Dave

On Saturday, July 5, 2003, at 10:12  pm, Alexander Blüm wrote:


hello!!!

I'm writing a database frontend based on perl-CGI.

Each query is being cached in a file with the current session-ID. The
reason for this doing is that some queries do take a very long time to
process and have a large output. If I want to see the next 50 results
using the SQL 'LIMIT' and 'OFFSET' option this would require to rerun
the query, which is unnecessary, since the database is used rarely.
Either way, I need to disable the use of the browsers function to "go
back" or "forward" - it may result in unexpected or wrong outputs.
wasn't this done somehow with the HTML headers or javascript?

I remember something with the word "expire"...

Any help would be greatly appreciated.
TIA
cheers,
Alex
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

disabling the use of browser history

2003-07-05 Thread Alexander Blüm 
hello!!!

I'm writing a database frontend based on perl-CGI.

Each query is being cached in a file with the current session-ID. The 
reason for this doing is that some queries do take a very long time to 
process and have a large output. If I want to see the next 50 results 
using the SQL 'LIMIT' and 'OFFSET' option this would require to rerun 
the query, which is unnecessary, since the database is used rarely.

Either way, I need to disable the use of the browsers function to "go 
back" or "forward" - it may result in unexpected or wrong outputs.

wasn't this done somehow with the HTML headers or javascript?

I remember something with the word "expire"...

Any help would be greatly appreciated.
TIA
cheers,
Alex
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]