Re: Secure Form Submission
On Fri, 22 Aug 2003 20:10:37 +, [EMAIL PROTECTED] (Greenhalgh David) wrote: Thanks for that. The MD5 is a one way hash, unfortunately. I need to be able to decrypt at the server side. I agree about SSL, unfortunately my client's host (borrowed space on a non-commercial server) only has 2 IPs for SSL and both are filled until the system upgrade late this year. What I am looking for is a fill in solution that will allow some form of secure transmission of personal information (not a password) until the SSL becomes available. Well you could always use Perl scripts, and setup some socket connections. You could just ask the client to download a small script and run it, which do a safe transfer. It could be done alot of ways. The downloaded perl script could be run to encrypt a file with rc4, then the client could upload the results. The MD5 password method would give you a way to exchange an initial password safely, then that password could be used by both sides for the rc4 password. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Secure Form Submission
On Fri, 22 Aug 2003 05:48:14 +, [EMAIL PROTECTED] (Greenhalgh David) wrote: Hi All, I need to implement a form that is submitted securely. My client does not have access to SSL on his host. I was thinking in terms of a session cookie with a client side RC4 encrypt and a decrypt in the Perl script. Do peoople here consider that to be a secure scenario, or is there another method that you could recommend? The encryption needs to be reversible. There is a method using javascript http://sourceforge.net/projects/perl-md5-login/ It sends a timed out temporary key, which some javascript uses to encrypt the post. It's soo much better to use SSL. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Premature end of script headers Linux with Fat32 filesystem
On Thu, 14 Aug 2003 16:16:23 -0500, [EMAIL PROTECTED] (Tim Brom) wrote: I dual-boot my computer and I have three partitions, an NTFS partition for Windows XP Pro, an ext3 filesystem for Linux (Red Hat Linux 9.0) and a Fat32 filesystem for my data (because FAT32 is the only filesystem both OS's play nicely with). I keep the data that I want shared stored on this FAT32 partition, including all the files for my websites. Whenever I try to access a script off of the FAT32 partition, I get a 'Premature end of script headers' error message. I can copy the script verbatim onto the ext3 filesystem and it works fine, and it works fine on my web host's server. Does anyone know why I am getting this error message only when the file is coming from a FAT32 filesystem? Thanks. It seems probable that it's a permissions problem. Maybe the fat32 partition isn't mounted to be executable by the web server. Most web servers are run as nobody:nogroup so your fat32 partition would need to be mode 777. How do you mount it? In /etc/fstab you need to put a umask=000 for the mount point of the fat32 partition. /dev/hda7 /mnt/fat32vfatrw,noauto,user,umask=000,quiet -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why executable?
On Mon, 11 Aug 2003 11:33:40 +0300, [EMAIL PROTECTED] (Octavian Rasnita) wrote: Hi all, Does anyone know why the perl scripts need to have the execute permission under Unix? I am asking this because I've seen that the PHP files don't need this permission. Couldn't perl just read a text file (doesn't matter if it has an execute permission or not), interpret it and execute it just like PHP does with its programs? perl scripts can be done the same way You can take any perl script, and remove the shebang line, chmod it to 644 , and run it like perl scriptname The way PHP is setup, the PHP interpreter is executable and calls it's readonly scripts. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Flock Test...
On Wed, 30 Jul 2003 02:14:45 +0500, [EMAIL PROTECTED] (Sara) wrote:
What could be the simplest test to check 'flock' working on your server or not?
except for writing to support team of host ::))
Thanks for any input.
Start the following script in 2 different terminals or xterms
simultaneously. The first one should hold the lock for 10 seconds,
then the second instance should take over. (If flock works).
#!/usr/bin/perl
use Fcntl ':flock'; # import LOCK_* constants
$|=1;
#run this twice and the second run will not run until first finishes
sub get_lock{
open(SEM, $semaphore_file) || die Cannot create semaphore: $!;
flock(SEM, LOCK_EX) || die Lock failed: $!;
}
sub release_lock{ close(SEM);}
$semaphore_file=flock-sub-semfile;
get_lock();
for(1..10){
print got lock;
sleep 1;
}
#Do something here
release_lock;
__END__
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tk/Perl and the Browser
On Thu, 5 Jun 2003 12:39:02 +0200 , [EMAIL PROTECTED] (Khalid Naji) wrote: Hi, Is there any way to display a Tk/Perl application unter the browser? Thank you KN Yes it's called the perlplus plugin http://www.Lehigh.EDU/~sol0/ptk/ppl/ppl.html It can be tricky to setup properly, but here is a copy of a recent post on comp.lang.perl.tk #33 From [EMAIL PROTECTED] Mon Mar 18 15:29:55 2002 Jim Turner [EMAIL PROTECTED] wrote: Has anyone successfully gotten the Apache webserver set up to serve Perl Plus Plugin (Perl/Tk) programs (application/x-perlplus)? I have added the mime-type information (I think correctly), and always get server-error. The log shows: Premature end of script headers. If you have, please tell me what you changed in your Apache config files and or your Perl/Tk (.ppl) script(s). Thanks, Jim Solved my own problems! Security=60 errors caused by permissions on the plugin .so file and directories leading to it (browser could not execute the plugin)! In Apache, added: application/x-perlplus ppl to apache-mime.types; and: AddType application/x-perlplus .ppl to commonhttpd.conf. In browser, modified newly-created helper app for perlplus to use plugin's default description, etc. Also, had to move .ppl files to my document-root -- they won't work in the CGI path?!?!?. Seems to work now in both Mozilla Netscape! Jim -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Calling a perl script from another perl script
On Mon, 2 Jun 2003 14:21:37 +0100 (WEST), [EMAIL PROTECTED] (João
luís bonina) wrote:
Well, I've tried the system function, but it isn't executing the script
which is located in the same directory...
I'm using it this way :
system('sendfile.pl ons4jlb');
If you havn't found an answer yet, it looks to me like
you have an error with single quotes around 'sendfile.pl ons4jlb'
It should be like this:
system('sendfile.pl' , 'ons4jlb') the (command , @args)
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Calling a perl script from another perl script
On Mon, 2 Jun 2003 15:25:03 -0400, [EMAIL PROTECTED] (Paul Kraus)
wrote:
List correct me if I am wrong but you can use single quotes here because
your not using any variables. You are passing exactly what you see. In
fact this is the preferred way to write strings that do not contain
variables or special characters. Correct?
Well the system command has the syntax
system($cmd, @args)
so if you use single quotes, system will look for a file named
'sendfile.pl ons4jlb' a filename with a space in it. I doubt if that
is his intention.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
zentara
Sent: Monday, June 02, 2003 3:20 PM
To: [EMAIL PROTECTED]
Subject: Re: Calling a perl script from another perl script
On Mon, 2 Jun 2003 14:21:37 +0100 (WEST), [EMAIL PROTECTED] (João
luís bonina) wrote:
Well, I've tried the system function, but it isn't executing the script
which is located in the same directory...
I'm using it this way :
system('sendfile.pl ons4jlb');
If you havn't found an answer yet, it looks to me like
you have an error with single quotes around 'sendfile.pl ons4jlb'
It should be like this:
system('sendfile.pl' , 'ons4jlb') the (command , @args)
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Looking for form mail attachment script.
On Wed, 28 May 2003 02:57:47 -0700, [EMAIL PROTECTED] (Sara) wrote: I am looking for a pre-written CGI Form script, which is capable of sending mails with attachment from my desktop etc. I have seen an example of this script sometimes back in the group. Any ideas? I think you need to be a little more specific. If it's cgi, and you want to send mail with attachments from your desktop, that seems to indicate you are running a server somewhere, and you want to upload files to the server from your desktop, and mail them out from the server. Somehow, I don't think this is what you want, but maybeso be more specific. There are alot of scripts to send mail attachments from your desktop without using cgi forms. If you do need to do it with cgi, you have a few separate problems to deal with: -- create the form Done in 1 step: -- get mail text message and address -- upload the file -- send the uploaded file from the server to the address Sounds like a spam setup to me. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Too little memory
On Thu, 29 May 2003 10:47:26 -0500, [EMAIL PROTECTED] (Camilo
Gonzalez) wrote:
I need to read in from a temp file that is about 10 megs big in 1.5 meg
increments and write results to a database. I can't slurp up the whole
temp file because I'm only allowed 2 megs of memory. I was hoping to
read in only 1.5 megs per pass of the file but the read seems to be
slurping up the whole thing. Do I need sysread?
(this type of question belongs in perl.beginners)
while (sysread FILE, my $data, $chunksize){ . };
An alternative to using sysread would be to use Tie::File, and only
bring a limited number of lines into play at a time.
use Tie::File;
my @content;
tie (@content, 'Tie::File', $file)
or die Error: couldn't tie $file: $!\n;
# and treat the filecontent like an array, e.g.
print scalar(@content);
# .
untie (@content);
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Need more memory
On Fri, 30 May 2003 00:42:07 -0500, [EMAIL PROTECTED] (Camilo Gonzalez) wrote: Help, How do I flush out the memory so I can start with a fresh allotment? This is not a cgi question, it should be posted to perl.beginners. Perl will take care of the memory for you, it does not relinquish memory once it has it, but it reuses it for other variables. The only way to clear memory with Perl is to kill the script and restart it. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Need your help regarding CGI
On Tue, 27 May 2003 22:21:55 -0700 (PDT), [EMAIL PROTECTED]
(Soumyadeep Nandi) wrote:
I am running a CGI script in which I am running a
system command. The scripts is as follows:
`/var/www/cgi-bin/emboss/water
/var/www/cgi-bin/emboss/water1.seq
/var/www/cgi-bin/emboss/water2.seq -gapopen 10
-gapextend 5 -outfile
/var/www/cgi-bin/emboss/water.out`;
Above I am using the system command to run the program
water which should write the output into file
water.out, which is not writing anything to this
file.
I will hazard a guess that it's because you are using backticks
instead of system.
The backticks method captures the stdout to a variable, like:
$output = `ls`;
So you are not capturing any output above.
Maybe try to run it as a system command.
my $programtorun = 'ls';
my @parameters= qw/. ../;
my @cmdline = ( $programtorun, @parameters );
system (@cmdline);
It can be a bit tricky getting all the parameters to your system command
to be quoted properly, try a little experimentation.
For example:
system ('water', 'water1.seq', 'water2.seq', '-outfile water.out')
may not work, while changing the outfile to
system ('water', 'water1.seq', 'water2.seq', '-outfile', 'water.out')
will. Experiment if you have trouble.
Putting the parameters in an @array = qw() style can sometimes ease
this part of it. Just watch the quoting. Sometimes you need double
quotes if using a variable.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Good Perl cgi book?
On Mon, 17 Mar 2003 17:30:44 -0500, [EMAIL PROTECTED] (Bob X) wrote: What is the best book for a beginner to get started with on Perl and CGI? I would reccomend the Perl CD Bookshelf, 6 books in 1 on cd. It is nice because you can search it for little examples of code when you need it. Get version 3 if you can afford it, but you can't go wrong with v2 for the price. ($6.00) (watch wordwrap) http://half.ebay.com/search/search.jsp?nthTime=1product=booksquery=Perl+CD+Bookshelfx=0y=0 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: delete pattern from text file
On Mon, 17 Mar 2003 12:30:02 -0500, [EMAIL PROTECTED]
(Andrew Hughes) wrote:
submit the file gets read into memory. If I open the file as open
(DELETEFILE, . etc., the list gets overwritten entirely with nothing.
If I open the file as open (DELETEFILE, . etc, the info gets stored into
memory because I can print it out using print @emailfile which gives me the
entire file. Then, when I try to print back to the file, it is the entire
The first thing I always do is change the syntax to it's simplest
known-to-work style and then work from there. I would try
taking the concantation out of the open statement to eliminate
that possibility. Like:
sub deleteFromSubscribeList {
my $outfile = $mailingListPath . $mailingListName;
open (DELETEFILE, . $mailingListPath . $mailingListName) or die cannot
open file for appending: $!;
open (DELETEFILE, $outfile) or die $!;
flock (DELETEFILE, 2) or die cannot lock file exclusively: $!;
my @emailfile = DELETEFILE; #
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: anonymous hash clarification
On Sat, 15 Mar 2003 10:50:54 -0600, [EMAIL PROTECTED] (David
Gilden) wrote:
# Is the code below -- better or correct?
foreach my $bag (@bags){
$bags_ordered{$bag} = $bag unless exists $bags_ordered{$bag}
}
You can also try:
$bags_ordered{$bag} = $bags_ordered{$bag} || $bags;
#or
$bags_ordered{$bag} ||= $bags;
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: ASN1.pm
On Wed, 12 Mar 2003 12:02:52 -0500, [EMAIL PROTECTED] (Susan Aurand) wrote: I am getting an error can't locate ASN1.pm, I have tracked that down to - I need Convert-BER-1.25.tar.gz. I have downloaded the file. I cannot find the documents on this download, where to unzip and load, etc... Does anybody know. Thanks - Susan You must be using windows. A tar.gz file is like a zip file on windows. You can get untar programs that run on windows, but I don't think that will help you any to run it on a windows version of Perl. You should see if you can get the Convert-BER package for the particular version of Perl for windows that you have. If you need a free untar program, go search for untar or tar on www.nonags.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CGI.pm strange results
On Mon, 3 Mar 2003 16:07:26 -0500, [EMAIL PROTECTED] (Todd Wade) wrote: Zentara [EMAIL PROTECTED] wrote in message You might want to try assigning a variable name to param(quantity) first, before you set up the table. I don't know why, but sometimes the scripts don't like it any other way. I've run into this type of thing before, and just take the easy way out, and assign a variable. This is not true at all. Well what ever the reason is, it has worked that way sometimes for me. When you start deeply nesting and quoting in tables and here documents, Perl will sometimes fail to interpolate unless you force the value into a variable. I guess I havn't learned the trick yet. If you look at the html source, there are multiple input fields are named quanity. You need a way of indexing your quanity fields so you know which value of the array to fetch while looping through the selected items. Yeah, I realized that while thinking about it later. Another solution is to put an separate order button along each item, or he can rename the quantity parameter to quantity-furry, quantity-stripped, etc,etc. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CGI.pm strange results
On Sun, 2 Mar 2003 10:50:39 -0600, [EMAIL PROTECTED] (David Gilden) wrote: Hello, I am not understanding why I am getting strange data from the my CGI. Please point out what I have done wrong. Thanks Dave Gilden See the result at, you have to 'order' on item to see the problem. http://www.coraconnection.com/paul_s/pages/catalog.html I looked at it and clicked on order, and it does what the code says. With the exception of the quantity is zero. I'm using the latest mozilla, it shows 1 row of a table, with a picture of the item first, then it's description, the quantity (which isn't right), then the escaped $Price You might want to try assigning a variable name to param(quantity) first, before you set up the table. I don't know why, but sometimes the scripts don't like it any other way. I've run into this type of thing before, and just take the easy way out, and assign a variable. $quantity= param(quantity) print td, $quantity, /tdtd\$Price goes here/td\n; Otherwise, give more explanation of what your problem is. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Perl/CGI with FRAMES
On Sat, 1 Mar 2003 10:49:55 -0800, [EMAIL PROTECTED] (Maureen E
Fischer) wrote:
I have recently finished an online database system using perl/cgi. It
has been suggested that it would lend itself to using HTML frames.
I have a main menu that could always be shown and what is selected from it
would refresh another frame. I have never used this before but what I see
is identiflying what goes into the frame by using SRC= a file name. This
worked fine for the heading which is a gif file logo, but the data is
accumulated using multiple database reads and collected into tables.
I am using a perl here statement to output this data. So is there a simple
way to do this? Do I have to write my HTML to an intermediate file and then
refer to that using the SRC attribute?
No you don't have to write an intermediate file, but it can get tricky.
The best thing you can do is setup a little example page to experiment
with, get the idea down, then add more complexity to adapt to your
problem. Basically you need to get the idea of printing your links in a
manner which print to the appropriate frame target. Say you have 4
frames,top,left,main,and bottom. You can have a menu in the left frame,
and the results in the main frame. But when you print results to main,
the target of the links in main, should be self. Or when you click a
link in the left menu, that updates the left menu, the target should be
self; but links that return results to the main frame, need the target
= frame. I'm sure once you get past that hurdle, you will have an easy
time. You also need to update frames occaisionally, which alter all
the links.
Here is just a snippet to show you what the perl would look like
to generate some html for frames. This will generate a search menu
in the left(menu) frame, it's called from the left, and returns the html
links to the left. But when search results links are returned from the
search, (code not shown) the links created point to target=main, since I
want the results to go to the main frame.
You can even make the target a variable, like target=$target , it all
depends on how ingenious you want to get.
If you want to see my first attempt at this, go to
http://zentara.net/store/admin.html and play around.
The password is z-store
Try the Inventory Management, and look how the links get
setup.
You can download the script if you want to look at it.
It is not the best, but it will show you the idea.
http://zentara.net/downloads/perlshop-z.zip
You might want to setup your browser to use your chosen
colors to see the frames better, because I have them background=
black to hide the frame boundaries.
sub displaysrchmenu{
printPRINT_END;
bfont color=#00SEARCH INVOICES MENU:/font/bbrhr
Enter your start and end dates in the format bmmdd/bbr
Start defaults to 01012002br
End defaults to current datebrhr
centerbor/b/center
Enter a name to search for, or bothbrhr
You must fill in at least 1 fieldbrhr
form method=post target=_self
$secure_server_address$cgi_directory/admin.cgi
input type=hidden name=PASSWORD value=$input{PASSWORD}
tabletrtd align=leftStart: /td
td align=leftinput type=text size=18 name=DSTART/td
/trtrtd align=leftEnd: /td
td align=leftinput type=text size=18 name=DEND/td/tr
/trtrtd align=leftName Search: /td
td align=leftinput type=text size=18 name=SNAME/td/tr
input type=hidden name=ACTION value='SEARCH INVOICES'
input type=hidden name=INVACTION value='DO SEARCH'
input type=submit value='Get Them'/td/tr/table/form
form method=post target=_top
$secure_server_address$cgi_directory/admin.cgi
input type=hidden name=PASSWORD value=$input{PASSWORD}
input type=hidden name=ACTION value=EXIT
input type=submit align=left value=Exit/form
PRINT_END
exit;
}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: General ftp question
On Sat, 1 Mar 2003 16:59:38 -0800, [EMAIL PROTECTED] (Ebaad Ahmed) wrote: Hello All, I have just installed SuSe on my computer, I can ftp to any ftpsite from this but cannot ftp into the machine. How can I make this possibe. Any help will be really appreciated. The suse-linux-e mailling list is the best place to answer this. You can go to http://suse.com and subscribe to the list, they are a very helpful group. It's not hard. You have 2 types of ftp, user and anonymous. You need to 1. install a ftp daemon, and the ftpdir rpm (which sets up the anonymous directories. 2. start the ftpd 3. Setup your firewall to accept connections for the ftp port. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: checking if its a real number
On Wed, 26 Feb 2003 16:30:56 -0800, [EMAIL PROTECTED] (T. Murlidharan Nair)
wrote:
I have a cgi that need to accept only numeric values. ie +ve or -ve
real numbers.
Is there a quick and easy way to check this. I was trying using a reg exp
if(/^[-0-9][\.0-9]*/) {
do something
}
but this breaks when the number is say --75.4 It still accepts if it
has two - signs.
$_ = 4.01;
if (/\D/){ print has nondigits\n }
if (/^\d+$/) { print is a whole number\n }
if (/^-?\d+$/) { print is an integer\n }
if (/^[+-]?\d+$/){ print is a +/- integer\n }
if (/^-?\d+\.?\d*$/) { print is a real number\n }
if (/^-?(?:\d+(?:\.\d*)?|\.\d+)$/) { print is a decimal number\n }
if (/^([+-]?)(?=\d|\.\d)\d*(\.\d*)?([Ee]([+-]?\d+))?$/)
{ print a C float\n }
°
Also check out the Regex::Common module, it has number-type detection.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do embed javascript
On Wed, 26 Feb 2003 19:00:18 -0800, [EMAIL PROTECTED] (Tom McKellips) wrote:
Hi,
How do I embed a java script inside a perl cgi? In my perl code I have a
Watch wordwrap :-) This javascript will give you the option
to view another cgi in a popup window. The printenv script is
at the bottom.
#!/usr/bin/perl
$url='http://zentara.zentara.net/~zentara/cgi-bin/printenv';
printEOH;
Content-type: text/html
htmlbody
EOH
printEOT;
script type=text/javascript
function showPopup() {
var win;
win =
window.open($url,poputWindow,width=400,height=400,status=no,resizable=yes,scrollbars=yes);
}
/script
a href=javascript:showPopup()Show Results in Popup Window/a
brbr
a href=javascript:window.close();Close/abr
brorbrbr
forminput type=button value=Close
onclick=javascript:window.close();/form
brbr
a href=javascript:history.go(-1)Back to Previous Page/a
/body/html
EOT
__END__
--
#!/usr/bin/perl
##
## printenv -- demo CGI program which just prints its environment
##
print Content-type: text/plain\n\n;
foreach $var (sort(keys(%ENV))) {
$val = $ENV{$var};
$val =~ s|\n|\\n|g;
$val =~ s||\\|g;
print ${var}=\${val}\\n;
}
__END__
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: importing data from first program
On Tue, 28 Jan 2003 20:19:57 -0600, [EMAIL PROTECTED] (J. Alejandro
Ceballos Z.) wrote:
I have 2 perl programs
The first one is using strict, are two variables have a value, but in a
procedure it calls a second program, and I want to load the value of the
previous variables, but I can't. See example
You should use our to declare the variables.
#!/usr/bin/perl
# program1.pl
use strict;
our ($a,$b);
require (program2.pl);
proc1;
sub proc1 {print $a $b\n}
proc2;
#!/usr/bin/perl
# program2.pl
our($a,$b)=(1,2);
sub proc2 {print $a+$b,\n}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help in running cgi script to append passwd file, shadow and group
On Fri, 24 Jan 2003 15:30:59 +0800, [EMAIL PROTECTED] (Glynn S. Condez) wrote: Hi All, I created a cgi perl script, its an account creation script, means you can add an account to a linux system. my problem is, the cgi can't append the password, shadow and group file. How can I make my script to work? I don't have any idea now if its possible to make the script work. When you are asking to do alot with just a simple script. First of all, you need root access to do this, and running anything as root thru cgi is asking for trouble. Usually the answer to this is to use something like suexec, so the web browser runs as a user, then put that user in the sudoers file, with the power to do it. It still is dangerous. Another better solution, is to have the cgi write the requests for user and password change to a file, and run a cron script by root, which periodically checks it for errors, and does the changes. Unless you are really good at this, and few are, it might be best to use an already developed package to do this. Maybe webmin, or whatever, I forget the names. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: newbie need help
On Wed, 15 Jan 2003 15:54:02 +0800, [EMAIL PROTECTED] (Glynn
S. Condez) wrote:
i have a web form that users can input a username and password and check if
the username is valid by parsing or extracting the contents of a file, here
the web form html:
I'm not sure what you are trying to do with just the username,
don't you want to check the password too?
#!/usr/bin/perl
use CGI qw(param);
$username = param('username');
$password = param('password');
$file= /home/user/public_html/file.txt;
print Content-type: text/plain\n\n;
open (F1,$file);
foreach (F1) {
chomp;
($field1,$field2,$field3,$field4,$field5,$field6) = split /\s/, $_;
if ($username =~ /\b$field2\b/) {
if (($username =~ /\b$field2\b/)and ($password =~ /\b$field3\b/)) {
print OK\n;
print $username and $password\n;
}else{
print oops try again\n;
}
}
close(F1);
and this is the content of the file.txt:
snip
user: user1 password my.domain.com mech:PLAIN
user: user2 realm: my.domain.com mech:PLAIN
user: user3 realm: my.domain.com mech:PLAIN
user: user4 realm: my.domain.com mech:PLAIN
---snip---
my problem with this script is, it doesnt display if the
username is valid or not but valid usernames display
OK, $username and $password.
whats the problem with the else statement? kindly correct my
script.
TIA
glen
--- Glynn ---
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: taint question
On Thu, 2 Jan 2003 23:36:04 -0600, [EMAIL PROTECTED] (Reactor)
wrote:
I am fairly new to perl, so this is probably looks like a silly question:
I am trying to write text to a file as specified by the query string
environment variable. Since the file names are all numbers, I'm using a
regex to strip anything other than a digit from the variable, and assign the
new value to a variable. I've R-ed a few different FM's for the way to do
this, and it says to use the regex memory value, which isn't tainted. When
I try this using my current regex it leaves the $1 variable undefined. Code
snipet:
@temp = split(/=/, $ENV{'QUERY_STRING'});
$temp[0] =~ s/([^0-9])//g;
$filename = $1;
I made a sort of mini-debug function that prints out each variable. It
prints the unprocessed query string after spliting and the value of $temp[0]
after processing (which is all numbers) correctly, but the variable
$filename doesn't have a value... Not sure where I went wrong with this...
Unless the $1 is null because the matched pattern is deleted... or does the $1 hold
the return value?
Well you definitely are thinking the right way as far as using
the taint mode.
Your problem is a common one with regexes, make sure you are
matching or $1 will be undefined. Usually they do something like:
if($temp[0] =~ s/([^0-9])//g){$filename = $1}
else warn no match\n;
Try some more debugging, I'm sure the regex isn't doing what you
think it supposed to be doing. Try printing $temp[0] before and
after the regex. It might be as simple as
$temp[0] =~ s/([^0-9])/$1/g;
Otherwise, post some sample data, and the regex experts can
help you make the proper match.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Membership Database
On Sun, 29 Dec 2002 15:33:38 -0500, [EMAIL PROTECTED] (Lewis Kirk) wrote: Anybody know of a simple cgi program for managing a membership database (flatfile or other)? Features should include allowing members to edit certain info with a username password login. Ability to display only certain fields in an html page. Searchable on multiple fields. Easily customizable. Thanks! dbman is free to use for non-profits or personal use, shareware for profit use. It's easy, and works well. http://www.gossamer-threads.com/scripts/dbman/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CGI scripts permissions
On Wed, 25 Dec 2002 19:39:58 +, [EMAIL PROTECTED] (Philip Pawley) wrote: I'm a newbie, so the below is a question: Is this problem of cgi permissions different when you are just running a perl script from a virtual include - as I am? Reading this thread, I did some tests and changed my script's permissions to 500 and it still works fine. (I first did it just for a test script of course)! I am just an ordinary user (in my own group) on the web server. How is this possible? You probably have suexec running on the webserver. mode 500 means that the user can read and execute the script. Normally the httpd daemon will be nobody/nogroup, or something similarly underprivileged. With suexec, you are letting the httpd daemon run as user/users. I said that it has it's drawbacks. That's why if you do use it for something important, make a separate user just to run that cgi script. Here is a little test script to run: First run it and see what you get, then go and rename /usr/sbin/suexec to suexec.bak and restart apache. Then see what you get. ### #!/bin/sh echo Content-type: text/plain echo echo Username=`whoami` ### -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CGI scripts permissions
On Wed, 25 Dec 2002 05:34:04 +0200, [EMAIL PROTECTED] (Octavian Rasnita) wrote: Yes I know these, but ... it seems there is no solution. 1. The web server is not in the same group with me, and if it will be made to stay in the same group with me, the other users that have web pages on that server will need to be added to that group. 2. I saw that I need to give read permission also for a script to work, not only execute permissions. The only solution would be to run the Apache server with my user, but I don't know how to do that. How is this possible? Apache has the suexec program to do this. If suexec is in the path when apache starts up, then the httpd will run as user when in the user's home directory. This has advantages and disadvantages, but it is easily done. Normally apache will run as wwwrun/nogroup or nobody/nogroup, with suexec, apache will run as user/users when in users public_html. You can then run scripts at mode 700. It usually is best to set aside a dedicated user just for some cgi-program. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IF statments
On Mon, 23 Dec 2002 01:33:58 -0600, [EMAIL PROTECTED] (David
Gilden) wrote:
I would like to be able to test for either of the two secret words
but it seems to fail, what am I missing?
#!/usr/bin/perl
use CGI qw/:standard/;
use CGI::Carp qw(fatalsToBrowser);
use strict;
my $qs = $ENV{'QUERY_STRING'};
my $secret_word = 'one';
my $secret_word_guest = 'two';
if (($qs ne $secret_word_guest) or ($qs ne $secret_word)) {
print Bad password;
exit;
}
Hi, I think your problem is that you are using
my $qs = $ENV{'QUERY_STRING'};
and you are expecting it to match, it dosn't.
The $ENV{'QUERY_STRING'} actually looks something like
somewordsomeotherword
or it may look like
someword=thissomeword=that
So
if (($qs ne $secret_word_guest) or ($qs ne $secret_word)) {
print Bad password;
should always say Bad Password
You might be able to get away with using a regex instead of ne
if (($qs !~ $secret_word_guest) or ($qs !~ $secret_word)) {
print Bad password;
But you are better off using the params given to you by
CGI.pm
if ( param('secret_word) ne $secret_word) or
( param('secret_word_guest) ne $secret_word_guest))
{print 'Bad Password'}
You might want to improve that logic, I'm not sure if it does
what you really intend. Like maybe:
if ( param('secret_word) eq $secret_word) or
( param('secret_word_guest) eq $secret_word_guest))
{print 'Good Password'}
else {print 'Bad Password'}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: IF statments -- part 2
On Mon, 23 Dec 2002 02:10:17 -0600, [EMAIL PROTECTED] (David
Gilden) wrote:
This is not working either
# Goal, to check against two different passwords.
#!/usr/bin/perl
my $qs = 'c';
my $secret_word = 'a';
my $secret_word_guest = 'b';
if ($qs !~ /$secret_word_guest|$secret_word/) {
print fail\n;
} else { print go, ok\n;}
... more code...
What should happen is that if $secret_word OR $secret_word_guest does not Match $qs
Then it should print 'Fail'.
Please see if you can explain why this in not working,
It works exactly as you wrote it.
You are telling it if c does not match a or b print fail.
Try putting $qs = 'a' it works fine.
Logic will get you twisted into a pretzel. :-)
Maybe you want
print fail\n unless ($qs =~ /$secret_word_guest|$secret_word/);
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: broadcast photo on other site not by up load
On Sat, 21 Dec 2002 14:07:03 -0700, [EMAIL PROTECTED] (Eric Lin) wrote: Now I am in linux again, I did /usr/bin/perl /usr/lib/cgi-bin/showphoto.pl mytestout.jpg then at netscape 7 's url type /home/fsshl/mytestout.jpg it showed --- The image file:///home/fsshl/mytestout.jpg cannot be displayed, because it contains errors Make sure your showphoto.pl script is not outputting an html header. Can you look at mytestout.jpg with somethong else like xv. Look at mytestout.jpg with a hex editor and see what the first few lines are. Are they a valid jpeg header? Compare it to other known good jpegs you have. Your showphoto.pl script should be able to read in a image and then print it out without corrupting it. Post your showphoto.pl that you are using. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: broadcast photo on other site not by up load
On Fri, 13 Dec 2002 13:55:50 -0700, [EMAIL PROTECTED] (Eric) wrote: Dear Zentara: I copy that piece of code and paste in my showphoto.pl in C:\apache2\cgi-bin\ but it still not show any photo attach my showphoto.pl please help again Sorry, but it's hard to say what exactly your problem is, especially because I don't use windows and don't know the peculiarities of your windows apache server. My suggestion is to work thru it step by step, until you see where the problem is. The first step is to get your script to output the image to it's STDOUT. In other words, you should be able to do showphoto.pl mytestout.jpg and you should get a good photo out. Then you want to put it in your cgi-bin and try to see where apache is messing up outputting the photo. It usually ends up being something very simple, which you are overlooking. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: automatically downloading files into a certain directory
On Fri, 13 Dec 2002 09:22:01 +0100, [EMAIL PROTECTED] (Anette
Seiler) wrote:
Hi,
thanks to all for answering. After discussing it with my colleagues I will
do it in a way Peter and zentara suggested.
By the way, the software is intended for librarians who want to download
certain metadata-records from the web onto their computer for upgrading and
uploading to a library system.
Hi, if you are interested, here is a little frontend GUI to download
files using gtk-perl. You can easily change it to automatically enter
the filename to get. If you need help doing that, let me know.
This one uses gtk, but tk has similar scripts.
##
#!/usr/bin/perl -w
use strict;
use Gtk;
use LWP::UserAgent;
set_locale Gtk;
init Gtk;
my $true = 1;
my $false = 0;
my ($window,$button,$vbox,$hbox,$label,$label1,
$entry,$adj,$pbar,$URL,$filename);
# Create the window.
$window = new Gtk::Window( 'toplevel' );
$window-signal_connect( 'delete_event', sub { Gtk-exit( 0 ); } );
$window-border_width(10);
$vbox = new Gtk::VBox( $false, 0 );
$hbox = new Gtk::HBox($false,0);
$window-add($vbox);
# Label to let the user know what is going on.
$label = new Gtk::Label(Gtk
downloader);
$vbox-pack_start( $label, $false, $false, 10 );
$label-show();
# Label to display URL to retreive.
$label1 = new Gtk::Label( file to retrieve\n );
$vbox-pack_start( $label1, $false, $false, 10 );
$label1-show();
# Create the Entry
$entry = new Gtk::Entry(100);
$entry-signal_connect( activate,\get_entry,1,2);
$entry-set_text( Enter );
$entry-append_text( Url );
$entry-select_region( 0, length( $entry-get_text() ) );
$vbox-pack_start( $entry, $true, $true, 0 );
$entry-show();
# Set up the progress bar
$adj = new Gtk::Adjustment( 0, 1, 100, 0, 0, 0 );
$pbar = new_with_adjustment Gtk::ProgressBar( $adj );
$vbox-pack_start( $pbar, $false, $false, 10 );
$pbar-set_format_string(%p%%);
$pbar-set_show_text(1);
$pbar-set_value(1);
$pbar-show();
#Create start button
$button = new Gtk::Button( Start );
$button-signal_connect( clicked, \get_file);
$hbox-pack_start($button, $true, $false,0);
$button-show();
# Create the close button
$button = new Gtk::Button( Close );
$button-signal_connect( 'clicked', sub { Gtk-exit( 0 ); } );
$hbox-pack_start( $button, $true, $false,0);
$button-show();
$vbox-add($hbox);
$hbox-show();
$vbox-show();
$window-show();
main Gtk;
exit( 0 );
sub get_file{
get_entry();
my $ua = LWP::UserAgent-new;
open(IN,$filename);
my $value = 0;
my $expected_length;
my $bytes_received = 0;
my $res = $ua-request(HTTP::Request-new(GET = $URL),
sub {
my ( $chunk, $res ) = @_;
$bytes_received += length($chunk);
unless ( defined $expected_length ) {
$expected_length = $res-content_length || 0;
$label1-set_text( Getting $filename\n$expected_length
bytes );
}if($expected_length){
$value= int (100 * $bytes_received / $expected_length)
|| 0;
}
# write to the file
print IN $chunk;
$pbar-set_value( ++$value ) if ($value =~ /^[0-9]+$/);
# Run the main loop as long as events are pending
Gtk-main_iteration while ( Gtk-events_pending );
});
close IN;
# Download is done, inform the user.
if(-s $filename eq 0){
$label1-set_text( file contained no data\nCheck URL );
unlink $filename;
}else{
$label1-set_text( $filename saved\n Download Complete );
$pbar-set_value(101);
}
return;
}
sub get_entry{
$URL = $entry-get_text();
$pbar-set_value(0);
$filename = substr($URL, rindex($URL, / )+1);
$filename =~ s/~//g;
$filename = $filename || $URL;
$filename =~ s/[~\/]//g;
$label1-set_text($filename\n);
return;
}
##
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: printing an image
On Thu, 12 Dec 2002 10:15:19 +0200, [EMAIL PROTECTED] (Octavian Rasnita)
wrote:
Hi all,
Can someone give me a correct example of code that prints an image?
Here's an example that is as simple as it can get: :-)
##
#!/usr/bin/perl
$file='image1.png';
printEOH;
Content-Type: image/png
EOH
binmode STDOUT;
open (FH, $file) or die Can't open $file: $!;
while(FH){print}
close (FH);
exit 0;
#
#you might want to use this
$/ = \8192; # read data in 8kbyte chunks rather than from LF to LF
# see perldoc perlvar
print while IMAGE;
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: automatically downloading files into a certain directory
On Thu, 12 Dec 2002 09:21:37 +0100, [EMAIL PROTECTED] (Anette Seiler) wrote: I want to do something where I am not sure it can be done with perl... Basically a user should klick on a button on a website. Then the script should create a file with certain information from a database on the webserver (that's easy) and that file should automatically be downloaded into a certain directory on the user's computer (that is the difficult part). The user is not computer illaterate, but he should not bother about downloading and choosing certain directories (as he will have to download hundreds of these files) and definitely not about ftp or something like that. Well, as I said, it is the downloading part that I don't know how to do. Can it be done with perl or should I look at something else - maybe javascript? I don't think it can be done automatically like you want, from a web browser. It would cause too many security problems. In a web browser, the user must be asked to save anything to disk, once for each file. If you need automation of this kind, you should look into using a LWP script to automatically get the files, and keep the browser out of it. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: A little help with uptime.
On Sat, 7 Dec 2002 10:57:31 -0900, [EMAIL PROTECTED] (Mark-Nathaniel
Weisman) wrote:
Hey all,
I've got the script below that does not work, will anyone please tell me what
I've done wrong? I can't see where the script is failing and the logs simply say that
the script header is bad. I don't understand. Can someone please help?
##!/usr/bin/perl
My (@machines,$host,$user,$pass)
Open(INFILE,machines.txt)
or die Error opening machines.txt.$!,stopped
@machines = INFILE;
Close(INFILE);
Foreach my $rec (@machines) {
chomp($rec);
($host,$user,$pass) = split(/,/, $rec);
open (OUTFILE, records.txt)
or die Error opening records.txt.$!,stopped;
close(OUTFILE);
open (OUTFILE, records.txt)
or die Error opening records.txt.$!,stopped;
print OUTFILE 'ssh -l $user $host uptime';
close(OUTFILE);
};
Without the greater than marks of course. Where am I going wrong? Help please?
Sample of machines.txt
192.168.x.1,mary,password
I'm trying to capture the data from the uptime command into a file that is erased
every time the script is run.
Even if you get the script to run, it won't do what you want. Did you
write this or are you trying to adapt a different script to do what you
want?
open (OUTFILE, records.txt)
or die Error opening records.txt.$!,stopped;
close(OUTFILE);
open (OUTFILE, records.txt)
or die Error opening records.txt.$!,stopped;
print OUTFILE 'ssh -l $user $host uptime';
close(OUTFILE);
};
You dont need to open OUTFILE twice, to overwrite the
old file, and putting single quotes around something makes
it print literally. Also you are not going to get ssh to work
the way you have it, unless you are intending it for something
later.
Try something like this:
open (OUTFILE, records.txt)
or die Error opening records.txt.$!,stopped;
my $uptime = `uptime`;
print OUTFILE $user $host $uptime;
close(OUTFILE);
};
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Download problem
On 06 Dec 2002 08:22:19 +0200, [EMAIL PROTECTED] (Stelian Iancu)
wrote:
Hello!
I try to download a file from a CGI script. Here is the code:
$self-header_props(-type='application/x-octet-stream',
-attachment=$file);
open(FILE, $file);
binmode(FILE);
$/ = undef;
my($data) = FILE;
close(FILE);
binmode(STDOUT);
print $data;
I am using CGI::App, but the problem is not there. Anyway, the file is
written directly in the browser, I don't get a Save to disk dialog.
I'm guessing that the CGI::App module isn't doing the headers right.
Try this.
##3
#!/usr/bin/perl
$file = 'test.tgz';
printEOH;
Content-type: application/octet-stream
Content-Disposition: attachment\; filename=$file
EOH
binmode STDOUT;
open (FH, $file) or die Can't open $file: $!;
binmode FH;
while(FH){print}
close (FH);
exit 0;
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Download problem
On Fri, 06 Dec 2002 08:22:19 +0200, Stelian Iancu wrote:
I try to download a file from a CGI script. Here is the code:
$self-header_props(-type='application/x-octet-stream',
-attachment=$file);
open(FILE, $file);
binmode(FILE);
$/ = undef;
my($data) = FILE;
close(FILE);
binmode(STDOUT);
print $data;
I am using CGI::App, but the problem is not there. Anyway, the file is
written directly in the browser, I don't get a Save to disk dialog.
I'm guessing something is wrong in the way you setup the header.
Here is a method that works for me.
#
#!/usr/bin/perl
$file = 'test.tgz';
printEOH;
Content-type: application/octet-stream
Content-Disposition: attachment\; filename=$file
EOH
binmode STDOUT;
open (FH, $file) or die Can't open $file: $!;
binmode FH;
while(FH){print}
close (FH);
exit 0;
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: libwww example / tutorial
On Sat, 23 Nov 2002 05:07:15 -0800 (PST), [EMAIL PROTECTED] (Admin-Stress) wrote: Hi, Anyone know any URL about libwww example / tutorial? I cant find decent source. I just want to learn how to GET an ouput from a website and parse the Read perldoc lwpcook. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Changing row color with subroutine
On Fri, 22 Nov 2002 03:28:39 -0800, [EMAIL PROTECTED] (Poster) wrote:
Hi, I am having a little trouble with a sub that is using the modulus
operator.
Yeah, it fooled me too for a bit :-)
The problem is the way you pass the value to the
sub, @_ always is 1, the count of elements in @_.
Change @_ to @_[0] or better yet $_[0]
It is called here-within a while loop:
while (my $row = $sth-fetchrow_hashref()) {
count++;
color_rows( $count )
--some other stuff
td bgcolor=$bgcolortable cell value/td
-some other stuff
}
--here is the sub
sub color_rows
{
my $num = @_;
my $num = $_[0];
my $bgcolor;
If ( $num % 2 == 0 ) {
$bgcolor=#bde6de;
} else {
$bgcolor=white;
}
return $bgcolor;
}#end sub
I expect that when the value that is passed in $count is even it will
set the row color green, otherwise it will set it to white. What it is
actually doing is setting the value white every time.
Thanks.
Ramon Hildreth
---
[ www.subudusa.org ] [ www.subudseattle.org ]
[ www.ramonred.com ]
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Running a Perl program countinuously
On Mon, 18 Nov 2002 20:01:42 +0200, [EMAIL PROTECTED] (Octavian Rasnita)
wrote:
Thank you.
Please tell me how can I verify if the process is running.
Hi here is a script I've been experimenting with. It only reports
whether the process is running or not, in this case apache.
You can easily put a system rcapache restart (or whatever
your httpd restart command is) where it reports apache not running.
This script will detect multiple instances of itself, and will kill
itself if invoked with the k switch.
This method actually scans ps for the process name, but there
are other methods possible, like finding apache's pid and storing
it to a file, then checking for the existence of the pid, instead of the
name.
Anyways, for your examination, here it is.
apache-monitor
#!/usr/bin/perl -w
#just run it. The first time it starts the daemon. If you try to start
#it
#a second time, it gives an error msg. Run it with any commandline
#argument,
# like k will kill all instances of the script
use strict;
use IO::Handle;
use Proc::ProcessTable;
use Proc::Daemon;
my $t1 = new Proc::ProcessTable;
my @pids;
my $pid;
foreach my $p (@{$t1-table}){
if($p-cmndline =~ /apache-monitor/){
$pid = $p-pid;
#print $pid\n;
push(@pids,$pid); #unless $pid == $$;
}
}
###
if (exists $ARGV[0]) { foreach $pid (@pids){
print killing pid $pid\n;
kill 9,$pid;
}
}
if ($#pids 0) {
print @pids already running!\n;
exit;
}
Proc::Daemon::Init;
#open(LOG,/var/log/apache-monitor.log) or die $!; #when run as root
open(LOG,/tmp/apache-monitor.log) or die $!; #for testing
while (1){
my $ok =0;
my $t = new Proc::ProcessTable;
foreach my $p (@{$t-table}){
if($p-cmndline =~ /\/usr\/sbin\/httpd/){
print LOG time(),' ',$p-cmndline, already running!\n;
$ok=1;last;
}
}
if ($ok == 0) {print LOG time(),' ',failed!\n;}
LOG-flush;
sleep(15);
}
##
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Mailing truncated lines
On Sat, 16 Nov 2002 09:38:02 -0600, [EMAIL PROTECTED] (J. Alejandro
Ceballos Z.) wrote:
use LWP::Simple;
$cResult = get('http://www.some.sit/cgi-bin/status.pl?condition=true');
open (MAIL, /usr/lib/sendmail -s /test/ [EMAIL PROTECTED]);
print MAIL To: me [EMAIL PROTECTED]/n;
print MAIL Content: $cResult/n/n;
close (MAIL);
but, if I see the page directly, I see it correct. If I use the above
program,
many of the lines appear truncated. Here is part of the result -note that
the lines are truncated before the TD close -
I will hazard a guess that you are printing the $cResult as part
of your content-type header.
Maybe try something like this:
print MAIL Subject: $subject\n;
print MAIL From: $from\n;
print MAIL To: $to\n;
print MAIL END;
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
$cResult
END
###
Notice the blank line before $cResult, it's important.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Unable to run cgi script
On Mon, 11 Nov 2002 12:27:25 -, [EMAIL PROTECTED] (Kelvin McWha) wrote: System is SuSe 8.1 stand-a-lone Apache 1.3 Have got Apache running OK and tested it in standalone mode using http://localhost which shows the appropriate test page Can you get http://localhost/~kevin to run? In SuSE 8.1 you need to enabled user home dirs. Look at /etc/sysconfig/apache and see if you have home directories enabled. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: buttons groups
On Thu, 7 Nov 2002 17:04:40 -0600, [EMAIL PROTECTED] (Jerry Preston) wrote: I have two groups of three buttons each and I want to but the on the same screen, but they inter react with each other. How do you keep them apart? No one can help you unless you post the code which causes your problem. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: setting user-agent string
On Fri, 8 Nov 2002 03:00:33 -0800 (PST), [EMAIL PROTECTED]
(Admin-Stress) wrote:
Here I got a code to upload file to a cgi running in a webserver :
#!/usr/bin/perl
use warnings;
use strict;
use HTTP::Request::Common qw(POST);
use LWP::UserAgent;
my $url ='http://www.mydomain.com/cgi-bin/upload.cgi';
my $file = 'testfile.dat';
my $ua = new LWP::UserAgent;
#if $ua is already defined
$ua-agent('Mozilla/5.0');
$ua-agent(); # don't identify
#or do it when you first initialize it
my $ua = LWP::UserAgent-new(agent = 'Coolbrowser-999' );
# read perldoc LWP::UserAgent
my $req = POST $url,
Content_Type = 'multipart/form-data',
Content = [
file = [$file]
];
my $res = $ua-request($req);
if ($res-is_success){print $res-as_string;
}else{print $res-status_line;
}
exit 0;
My idea is, to have a perl script to automate http upload without fill in form, etc.
My question, how can I set user-agent string? so the web server will detect as, for
example
COOLBROWSER 0.1 :)
And, is there any limitation for the user-agent string lenght ?
Probably, you should keep it short.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to check server for perl setup?
On Sat, 2 Nov 2002 06:21:43 -0500, [EMAIL PROTECTED] (Dan Sabo) wrote:
Hi,
Is there a way I can check my server to see if my perl setup and
configuration is running OK and ready to run cgi scripts?
I've run pre written perl cgi scripts for a few years on a shared server but
recently set up my own server and for some reason I can't seem to get my
long used cgi script running. I think my path settings are correct in my
config files for the script - /usr/bin/perl, but how can I check to see if
perl is actually ready to go on my server and being accessed by the cgi
scripts OK?
I use Linux 7.3, apache 1.3.23 and perl 5.6.1
If you are switching scripts from another server, a likely culprit is
your directories have changed. Like they used to be in
/var/www/httpd/cgi-bin and
now they are in /usr/local/httpd/cgi-bin.
( Or something similar).
Your best bet is to put in a simple cgi test script on the server and
see if it runs. If it dos'nt, you probably need to work on your
httpd.conf file to enable cgi execution in your cgi-bin.
Here's a simple shell test script to see where your perl is:
#!/bin/sh
# disable filename globbing
set -f
echo Content-type: text/plain
echo
echo CGI/1.0 test script report:
echo
echo argc is $#. argv is $*.
echo
echo SERVER_SOFTWARE = $SERVER_SOFTWARE
echo SERVER_NAME = $SERVER_NAME
echo GATEWAY_INTERFACE = $GATEWAY_INTERFACE
echo SERVER_PROTOCOL = $SERVER_PROTOCOL
echo SERVER_PORT = $SERVER_PORT
echo REQUEST_METHOD = $REQUEST_METHOD
echo HTTP_ACCEPT = $HTTP_ACCEPT
echo PATH_INFO = $PATH_INFO
echo PATH_TRANSLATED = $PATH_TRANSLATED
echo SCRIPT_NAME = $SCRIPT_NAME
echo QUERY_STRING = $QUERY_STRING
echo REMOTE_HOST = $REMOTE_HOST
echo REMOTE_ADDR = $REMOTE_ADDR
echo REMOTE_USER = $REMOTE_USER
echo AUTH_TYPE = $AUTH_TYPE
echo CONTENT_TYPE = $CONTENT_TYPE
echo CONTENT_LENGTH = $CONTENT_LENGTH
echo Perl=`which perl`
If that runs, try this perl script:
##
#!/usr/bin/perl
# Don't buffer output
$| = 1;
# Ask for server name and information
chomp($hostname = `hostname`);
chomp($uname = `uname -a`);
# Ask system for user name
chomp($user = `/usr/bin/whoami`);
# Ask system for user id and group id for this user
($uid, $gid) = (getpwnam($user))[2, 3];
# Get path for sendmail program
chomp($sendmail = `which sendmail`);
#
# Generate the complete form
#
print Content-type: text/html\n\n;
print qq(
html
head
titleCGI Environment/title
/head
body bgcolor=white
b
Host name is $hostname.br
CGI programs execute as user $user ($uid, $gid).br
System description is $uname.br
/b
hr
h2 align=centerCGI Environment/h2
p
br
SERVER_SOFTWARE = $ENV{'SERVER_SOFTWARE'}br
SERVER_NAME = $ENV{'SERVER_NAME'}br
GATEWAY_INTERFACE = $ENV{'GATEWAY_INTERFACE'}br
SERVER_PROTOCOL = $ENV{'SERVER_PROTOCOL'}br
SERVER_PORT = $ENV{'SERVER_PORT'}br
REQUEST_METHOD = $ENV{'REQUEST_METHOD'}br
HTTP_FROM = $ENV{'HTTP_FROM'}br
HTTP_ACCEPT = $ENV{'HTTP_ACCEPT'}br
HTTP_USER_AGENT = $ENV{'HTTP_USER_AGENT'}br
HTTP_REFERER = $ENV{'HTTP_REFERER'}br
PATH_INFO = $ENV{'PATH_INFO'}br
PATH_TRANSLATED = $ENV{'PATH_TRANSLATED'}br
SCRIPT_NAME = $ENV{'SCRIPT_NAME'}br
QUERY_STRING = $ENV{'QUERY_STRING'}br
REMOTE_HOST = $ENV{'REMOTE_HOST'}br
REMOTE_ADDR = $ENV{'REMOTE_ADDR'}br
REMOTE_USER = $ENV{'REMOTE_USER'}br
REMOTE_IDENT = $ENV{'REMOTE_IDENT'}br
AUTH_TYPE = $ENV{'AUTH_TYPE'}br
CONTENT_TYPE = $ENV{'CONTENT_TYPE'}br
CONTENT_LENGTH = $ENV{'CONTENT_LENGTH'}br
p
hr
p
h2 align=centerComplete Environment/h2
);
foreach $key (sort keys %ENV)
{
print $key = $ENV{$key}br\n;
}
print qq(
h2 align=centerSystem Programs/h2
Sendmail program path : $sendmail
/body
/html
);
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: perl cgi security
On Thu, 31 Oct 2002 15:56:59 -0500, [EMAIL PROTECTED] (Todd W) wrote: Jim Lundeen [EMAIL PROTECTED] wrote in message news:3DBDA799.307DC69A;jimmyjames.net... nothing that will work on Linux box? perlcc works... see below. Yeah, I have to say that the perlcc which comes with perl5.8.0 is improved over the older versions, and will compile alot of scripts which used to fail. For simple scripts, with no modules, I'm getting executables in the 60k size range, that's pretty good. If I include CGI.pm, the size jumps to 1.7 meg ; but at least it still compiles and runs. :-) The general consensus used to be that perlcc was too finicky; but 5.8.0's version is improved. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: perl cgi security
On Sun, 27 Oct 2002 14:10:58 -0800 (PST), [EMAIL PROTECTED] (Admin-Stress) wrote: I am new to perl cgi. I would like to ask (maybe a silly question) : Is it possible to VIEW the source code of a perl cgi from a website? For example, I wrote a perl cgi like this http://www.myweb.com/cgi-bin/addcustomer.pl The purpose of that script is to add new customer into my MySQL database. So, is it possible that some one can download that script? Like using 'web site downloader' or 'dump' or any other method? If yes (possible), is there any way to prevent this? or to hide the cgi source code? You are probably safe from internet users getting your script. If your webserver is misconfigured you can view cgi files when you try to execute them, otherwise you are safe from people viewing them. Some webservers that are misconfigured, may treat a .pl file as a text file, and just display it. Try to do it yourself, enter http://www.myweb.com/cgi-bin/index.html and see what happens. If you get a list of files, there is a problem with your server. The real problem comes from other users on the server you share. Since your cgi is probably mode 755, that means other users might be able to ssh in to the server, and look thru the files in your /home dir. You can test how the system you are using is setup by ssh'ing in, then changing dir up to where you can see all the other user's homedirs. Then see if you can read their files. You can probably bet money that the government has already looked thru your files. Most ISP's have a warning that doing this may result in you getting kicked off their server. If you need security, then it is best that you run your own server, thru co-location. That way you are the only user, but then you still have the problem of the night-watchman poking around in your server. Maybe have 24-hour camera surveillance on the server? It gets complicated in a hurry, when you start talking about REAL security. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: perl, web based text editors available?
On Tue, 22 Oct 2002 09:34:27 -0400, [EMAIL PROTECTED] (Steveo) wrote: I have a small dynamic website I wrote in perl. All news and stuff is entered through a web accessible backend page and the data is written to a series of flat ascii text files. When I make a mistake in entering data, or if I want to change most data, I have to shell in and edit it with vi (no big deal). What I'd like to know is if there are simple web based text file editors (written in perl) out there that I can integrate into my website so I can edit these raw files over the web instead. I had been thinking of writing a cgi script that would allow you to pick any one of a predetermined set of data files to pull into a text area box that could be edited and then returned as a form to over-write the old version. It seems simple enough to read a text file into a webpage, but I'm not sure that the I know how to return the edited file to the webserver in the exact same format as it was retrieved. There are quite a few of those cgi-commandline scripts out there. Do a google search for cgi commandline or shell cgi. But you can save yourself some time, this is about the nicest one out there. ispsy.cgi http://NISoftware.com/ispy.cgi Beware: these are all security risks, You should rename the cgi to something other than the default, or ideally disable it after you are done. You really should consider keeping a separate ssh connection going, to do your edits in. Is it that hard to have ssh going in an xterm or terminal? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Running a process in background?
On Tue, 15 Oct 2002 08:01:43 +0200, [EMAIL PROTECTED] (Octavian Rasnita)
wrote:
Can I run more processes in background?
A process runs fine but I want to run more processes.
Maybe the Parallel::ForkManager module?
If you want to do it manually, here is a sub which will fork
a bunch of children and hand different data to each of them.
##
#!/usr/bin/perl
#For afork, the first argument is an array - a child will be
#forked for each array element. The second argument indicates the
maximum
#number of children that may be alive at one time. The third argument is
a
#code reference; this is the code that will be executed by the child.
One
#argument will be given to this code fragment. For afork, the array
element is
#passed. Note that this code will assume no other children will be
spawned,
#and that $SIG {CHLD} hasn't been set to IGNORE.
#by Abigail
if ($#ARGV 0){@ARGV = qw( 1 2 3 4 5)}
afork (\@ARGV,10,\hello);
print Main says: All done now\n;
sub hello{
my $data = $_[0];
print hello world from $data\n;}
##
sub afork (\@$) {
my ($data, $max, $code) = @_;
my $c = 0;
foreach my $data (@$data) {
wait unless ++ $c = $max;
die Fork failed: $!\n unless defined (my $pid = fork);
exit $code - ($data) unless $pid;
}
1 until -1 == wait;
}
#
###
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Sending HTML mail?
On Wed, 9 Oct 2002 20:43:13 +0200, [EMAIL PROTECTED] (Octavian Rasnita) wrote: Hello all, Could you please tell me what module should I use to send HTML mail? Can I use Net::SMTP? And what module could I use to send attachments Here's a nice method for sending text and html at the same time. That way, people without html mail readers can read it also. You could easily add an attachment to this, before the end boundary. ##3 #!/usr/bin/perl use Mail::Sendmail; use strict; my ($boundary,$html_email,$text_email,%email); $boundary = 'qwerqwerqewrqwesdsad' . time; $html_email = qq(html headtitleEmail/title/head body Hello world! /body /html ); $text_email = qq(Hello world!\n); %email = ( To = 'zentara@zentara', From= 'zentara@zentara', Subject = 'Hello world', 'MIME-Version' = 1.0, 'Content-type' = multipart/alternative; boundary=$boundary, Message = qq(--$boundary Content-type: text/plain; charset=UNKNOWN-8BIT $text_email --$boundary Content-type: text/html; charset=iso-8859-1 $html_email --$boundary-- ) ); sendmail(%email); -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: CGI problem
On Wed, 2 Oct 2002 07:43:58 -0700 (PDT), [EMAIL PROTECTED] (Yahaya
Mohammed) wrote:
Note: forwarded message attached.
Your method of forwarding attached messages makes it difficult to
cut-n-paste comments in. In the future, put the message in the
message body .
Anyways, since you are just learning, your method is
referred to as the old perl4 cgi-lib subroutine, and
is widely frowned upon now. The following is one of the
newer methods.
###
#!/usr/bin/perl
use warnings;
use strict;
use CGI;
my $cgi=new CGI;
my %in = $cgi-Vars();
foreach my $key (keys %in){
print $key\t$in{$key}\n;
}
##
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: CGI problem
On Thu, 03 Oct 2002 07:34:13 -0400, [EMAIL PROTECTED] (Zentara)
wrote:
Oops, keep forgetting the header. :-) The following will
send the form variables back to the browser.
###
#!/usr/bin/perl
use warnings;
use strict;
use CGI;
my $cgi=new CGI;
print Content-type: text/html\n\n;
my %in = $cgi-Vars();
foreach my $key (keys %in){
print $key\t$in{$key}\n;
}
##
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: no shell account
On Tue, 1 Oct 2002 21:56:31 -0700 (PDT), [EMAIL PROTECTED] (Patricia
Hinman) wrote:
Hi everyone,
It's my first day studying sockets. I'm having
trouble getting the script on my server to initialize
itself because I don't have a shell account for my
website. Can I initialize the Socket on the server
side from a cgi script on my machine?
Here's my code.
Probably not. If you have an account on a remote server for
web page hosting, then they probably block you from opening
ports. Write an email to your sysadmin if you really
need to do this. On a remote server, with maybe a thousand or more
users, everyone would be constantly fighting over ports to use.
If you just want to practice with the script, use you own machine.
LocalHost = 'localhost'
or you will need to find someone who will give you a real user
account on their machine.
#!/usr/bin/perl
BEGIN{open(STDERR,./errsocket.txt);}
use CGI header;
print header;
use IO::Socket;
$sock = new IO::Socket::INET (
LocalHost = 'www.websiteprogrammin.com',
LocalPort = 1200,
Proto = 'tcp',
Listen= 5,
Reuse = 1
);
print Socket could not be created.
Reason: $! unless $sock;
open (FILE, $file) ||
print \nCouldn't open $file to write socket
input.$!;
while ($new_sock = $sock-accept()) {
while (defined ($buf = $new_sock)) {
print FILE $buf;
}
}
close ($sock);
close (FILE);
__
Do you Yahoo!?
New DSL Internet Access from SBC Yahoo!
http://sbc.yahoo.com
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to run a process in background?
On Sun, 29 Sep 2002 16:40:07 +0200, [EMAIL PROTECTED] (Octavian Rasnita)
wrote:
I want to make a script that is activated from a browser but it might take a
long time to send all the messages using the Net::SMTP.
So I think that it could be a good idea to make a background process to run
it.
Can you give me some hints about how I should use the fork, to run the
process in background?
Your biggest problem is to close the pipes to apache from the forked
children, else your clients will see their browser's hang.
Merlyn has a good column on this at www.stonehenge.com column 20.
Here is a simple example to demonstrate the problem.
Make up some long process to test this with, like while(1){sleep(1)}
Then try running it as a cgi script with and without the line which
closes STDOUT, STDIN, and STDERR. With it commented out,
your browser will hang.
##
#!/usr/bin/perl
use warnings;
use strict;
$| = 1; # need either this or to explicitly flush stdout, etc.
# before forking
print Content-type: text/plain\n\n;
print Going to start the fork now\n;
fork exit;
#try running with the following line commented out
close STDOUT;close STDIN;close STDERR;
exec('./fork-long-process-test-process') || warn funniness $!;
#if you use system here, instead of exec, the parent process
#hangs around for child to exit, even though the cgi exits.
#
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: pop-up window with database access
On Fri, 27 Sep 2002 14:43:50 -0400, [EMAIL PROTECTED] (Jim Lundeen) wrote: Hello, I'm creating a web site for our department at my school. We have a sign-up form for a society that people can join. I want to create a MySQL database of university names and allow the user to click on a Lookup button on the sign-up form when they get to the field University Affiliation and the pop-up window would then go out and get a list of universities in the database and allow them to select the university they are with, then the selected value would be put in the correct text box on the main page form. I would guess that JavaScript is involved, but I don't know. Any help (detailed help!) would be very much appreciated by many students and professors from around the world! If you have limited perl knowledge, it will take you some time to develope this yourself, maybe a month? You might be better off buying an existing package which does this.for instance http://www.gossamer-threads.com/scripts/dbman/index.htm P.S. Avoid javascript. It will cause you headaches. :-) -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pop-up window with database access
On Mon, 30 Sep 2002 10:28:51 -0500, [EMAIL PROTECTED] (Scot Robnett) wrote: Avoid Javascript is a pretty far-reaching statement. If you want to launch a popup window, Perl isn't going to do that, Javascript is. It only takes one or two lines of client-side code. There are easy-to-follow Javascript Yeah, you are right. But alot of people keep javascript disabled, so if you design your site expecting people to use it, you will be dissapointed. I've turned off pop-up javascript windows in my mozilla preferences because there are so many annoying pop-ads now. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pop-up window with database access
On Mon, 30 Sep 2002 11:47:37 -0500, [EMAIL PROTECTED] (Scot Robnett) wrote: Define a lot of people. I just did a quick google search for javascript statistics, and most of the surveys show somewhere between 10% and 15 % of people have disabled javascript. I guess it depends how important the pop-up function is to the project. Perl and MySQL are quite capable of handling the back end, but they're not going to manage this function. Well you can design your page to not need javascript. Like use frames, with a small frame for you to display your pop-up data in, keep some nice logo in there otherwise. Or you can always just pop open a new browser windowit isn't as cute and a tiny window, but it will always work. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Mail::MboxParser
On Fri, 27 Sep 2002 12:22:31 +0200, [EMAIL PROTECTED] (Margaret) wrote:
Hi
I'm trying to get some examples for this module but cannot find any. Can
someone please send me a simple example. I want to extract the headers and
body of the messages and also be able to delete the messages.
Here is a simple example. Mboxtest is an mbox file. I don't think
this module allows you to delete individual messages. Maybe you
want POP3Client?
If you want to do this on a remote pop server, try poppy
Poppy will individually show the mail headers along with the message's
size of each message on the mail server and then allow you to read,
delete, reply, or perform other tasks on that message.
http://home.sprynet.com/~cbagwell/projects.html
#!/usr/bin/perl
use Mail::MboxParser;
my $mb = Mail::MboxParser-new('Mboxtest', decode = 'ALL');
# slurping
for my $msg ($mb-get_messages) {
print ###\n;
print $msg-header-{subject}, \n;
print $msg-header-{from}, \n;
print ###\n;
$msg-store_all_attachments('tmp');
my ($body) = $msg-body($msg-find_body,0);
print ($body-as_string);
print ###\n;
}
print \n;
print \n;
print \n;
# we forgot to do something with the messages
$mb-rewind;
while (my $msg = $mb-next_message) {
# iterate again
# ...
}
exit;
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: text/area editing
On Sat, 21 Sep 2002 15:36:51 -0700, [EMAIL PROTECTED] (Ramon Hildreth) wrote: Hi, my cgi compiles on the command line, but I get an internal server error when I try to access in the browser printEOF; Content-type: text/html Content-type: text/html\n\n html body form method=post action=http://www.ramonred.net/cgi-bin/text.cgi; textarea rows=40 colos=67 name=box$content/textarea /body /html EOF # end of text.cgi I have made sure the permissions are set correctly. Any ideas what could be wrong? Oops! Sorry to overlook it. Ron Brown pointed it out to me in an email. I forgot the 2 newlines. should be: Content-type: text/html\n\n -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: text/area editing
On Sat, 21 Sep 2002 15:36:51 -0700, [EMAIL PROTECTED] (Ramon Hildreth) wrote: Hi, my cgi compiles on the command line, but I get an internal server error when I try to access in the browser Well, if it works on the commandline, but not from the browser, then it usually is a permissions problem, probably trying to open the file as user nobody, which you are when running thru the browser. What do your httpd error logs say? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: MD5 SHA-1
On Sat, 21 Sep 2002 10:29:25 +1000, [EMAIL PROTECTED] (Jimmy George) wrote: I thought 'encryption' was supposed to make the data transmitted from user to server into an unreadable block of garbage. Able to be decoded by the server of course - but of no use to any one else who tapped into the transmission or the file stored on the server. So what's the go? How does SSL make such things as credit card details secure?? An https connection is totally encrypted. No one on the network in between can see the raw data. The data is encrypted with the server certificate, and you should be able to look at what certs you have with your browser. The spiel I have just read talks about a 'digest' but all that is doing is verifying that the information you sent to the user is coming back unaltered. Why send data to a user for them to send back to you? How do I mangle a credit card number and decode at my end??? You don't need to if using https. If you are not using https, you should not be taking credit cards. However, once the cc number gets into your server, you should encrypt it before writing it to disk, so others on the system, can't accidently read them. The reason people send data to users, just to send it back, and have it verified, is to prevent the user from playing tricks. What is someone make an order for 1 widget, at an agreed upon price, you send the page for user verification, and they edit the page to a lower price, and send it back. You need to keep track of what is what. There are other ways of doing this, but they involve writing to disk files to save the state of the transaction. The above method saves you the trouble of writing to disk, until the transaction is finalized. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: text/area editing
On Sat, 21 Sep 2002 06:04:56 -0700, [EMAIL PROTECTED] (Ramon Hildreth) wrote: Hi, I would like to create a form that loads text into a text/area box for editing. So far in the books that I have I only see how you can post that is added to the text/area only. In my case I would like the html or cgi page to load with the text/area box already containing text. printEOHTML; html body FORM METHOD=post ACTION=http://www.example.com/foo.cgi; TEXTAREA ROWS=3 COLS=40 NAME=comments4 score and 7 years ago./TEXTAREA /form /body /html EOHTML -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: GPL - how does it work
On Thu, 19 Sep 2002 at 08:20, Alex Agerholm opined: AA:I am writing a CGI application/script in Perl which I am going to sell AA:This application uses a few Perl modules (CGI.pm, Session.pm) which is AA:covered by the GPL. AA:How am I going to handle that, when I do not want to release my application AA:under GPL ? AA: AA:In other words how can you use Perl modules under GPL in commercial AA:applications without making your application public ? You just make your original portions of code proprietary, and state it in the software. You can have a mixed bag of software, some parts GPL'd and other's not. Just make sure you clearly define what parts are not GPL'd, try to keep them in separate subroutines. It may be a waste of time, because any decent programmer can take some code, and rewrite it to do the same thing, but make it look different. But at least it will give you legal rights if some customer starts posting your code on a website; or if a customer employee confesses to selling copies. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Fw: output pushing
On Mon, 9 Sep 2002 14:31:44 +0300, [EMAIL PROTECTED] (Hytham Shehab)
wrote:
$|++;
this won't work man
u didn't get my q,
i need to push data into output without the need to recall the entire
script
to print the whole plus the new data, i want em to print only the new data.
thx
R u looking 4 nph-push?
#! /usr/bin/perl
$|=1; # don't buffer output
$BOUNDARY=--start-new-page-here--;# seperates html pages
print HTTP/1.0 200 OK\n;
print Pragma: no-cache\n;
print Content-type: multipart/x-mixed-replace;boundary=$BOUNDARY\n\n;
print $BOUNDARY\n;# tells browser to start a new
page
print Content-type: text/html\n\n;# tells it what kind
for ($count=10; $count = 0; $count--) {
print h1$count/h1\n;
print Get ready. Here comes b . ($count -1) . /b!\n;
sleep('1');
print $BOUNDARY\n;
print Content-type: text/html\n\n;
}
print h1boom!/h1\n;
print /html;# don't forget this!
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Splitting a string
On Thu, 5 Sep 2002 21:09:58 +0300, [EMAIL PROTECTED] (Octavian Rasnita) wrote: I want to split a string but it is a little too complicated for me. If it is too complicated, don't give me an answer but just a little hint to the right direction. I have a string like the following example (used to search in a search engine): perl editor free blind accessible I would like to split this string in such a way, so I would have 3 strings: perl editor free blind accessible Here's an idea. #!/usr/bin/perl $str = 'perl editor free blind accessible'; (@array) = $str=~ /(.*)(.*)(.*)/; $=\n; #to print each array element on a line print @array\n; -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Compiling a CGI program
On Wed, 4 Sep 2002 22:05:17 +0300, [EMAIL PROTECTED] (Octavian Rasnita) wrote: I've tried (without success) to compile a CGI application made in Perl using perlcc. I've tried then a test program but it also doesn't want to compile. #!/perl/bin/perl print Content-type: text/html\n\n; print Test OK; Can I make a Windows executable using perlcc? Can you give me hints about what should I do to make the executable? You are better off using one of the commercial programs to do this. You might have to pay 100 bucks. When trying to compile this small program, it made a file a.out and another ..obj file but I don't know what to do with these files. The a.out is the default name for a compiled program, unless you give the -o outputname when you compile. Try renaming it to myprog.exe and see if it runs. I've tried using the -B parameter to compile directly, but it gave me a lot of assembly errors. When trying to compile a bigger one, it made a .c file then the program continued to work for a long time with no result. It made a .out file but its size was 0. That means there was an error. You will not have good luck with perlcc for most scripts. It chokes when you try to add modules. Get a commercial version from one of the windows vendors, they reportedly work pretty good. Although they don't give you any performance gain. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Data check
On Sun, 1 Sep 2002 11:25:50 -0700, [EMAIL PROTECTED] (Soheil Shaghaghi)
wrote:
Hi everyone,
I have a form with a list of countries (dropdown menu)
The countries are divided into 2 sections:
For simplicity lets' sue these sets:
Set 1: U.S. England, Canada, Germany
Set 2: India, Japan, France, Saint Lucia, Northern Ireland
The dropdown menu consists of the entire list.
When the user submits the form, I want to check the country against the 2
sets, and point the user to different sections depending on which set the
country is chosen.
I know I can do this simple enough and just use the values 0, and 1 for each
country in each set and check based on those values.
But since I actually want to use the country somewhere else in the program,
I am looking for an alternative way to do this.
Can anyone please tell me how to do this?
You have not made it entirely clear what you want to do, but I
will try to answer your question.
You want a user to select a country from the list, and you want
to know if the country is in set1 or set2, and then later in the program
use the $country value.
How about:
my @arr= qw(U.S., England, Canada, Germany);
my $country = param(COUNTRY);
if ( grep $_ == $country, @arr ) {my $countryset=1}
} else {my $countryset=2}
}
#later in the program you can:
if ($countryset == 1) { print My country is $country in set 1\n}
if ($countryset == 2) { print My country is $country in set 2\n}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to make a hyperlink an argument for a CGI script
On Sun, 1 Sep 2002 20:35:45 -0700 , [EMAIL PROTECTED] (David Nazary) wrote: Hi, In the following web page how can I make foo to become an argument to cgi-bin\script.pl script when I click on foo? body pa href=cgi-bin/script.plfoo/a/p /body Currently the script takes as an argument when I click on foo. Any suggestion are appreciated. I don't know what you want to accomplish with this method, but you can try: pa href=cgi-bin/script.pl/foofoo/a/p or pa href=cgi-bin/script.pl?foo=foofoo/a/p -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: encryption
On Fri, 30 Aug 2002 10:32:27 +1000, [EMAIL PROTECTED] (Jimmy George) wrote: Is there any way of encrypting a credit card number etc. so that it can not be seen when being transmitted from desktop to server? The user needs to see what they type to make sure it is correct - so how do we get cgi to encrypt that at the user end before transmission. You don't use cgi to encrypt data on the user side. If you are accepting credit card data, you need to be using the SSL protocol (https instead of http), which sends everything encrypted. The user can enter cc data in the browser, then send to a https address. None of the cc data will be visible in the transmission. If you notice, most online stores will switch from http to https when you check out. Some just run https all the time. There is a developer who is trying a method of Login Authentication with MD5 over http for people who don't have a secure server, it's called Javascript-LoginMD5. It works like this: When you first go to the cgi-script, it sends out a md5 key, which is used by some javascript in the browser to hide the password. It times out after a time delay, like 30 seconds. BUT this is totally inadequate for credit card data. If you try something like that for credit cards, you could be held liable for negligence with the data. If you are running your own server, you need to get a server-certificate from someplace like Verisign.Then you can start running a secure server with https on port 443. You can make your own self-certified certificate, but it is not trusted, because no external authority like Verisign has endorsed you as being trustworthy. What is to stop people from setting up phony stores with a self-certified certificates, just to collect credit card numbers? The Verisign people, and their competitors, investigate your legitimacy, then they give you a signed certificate to use in your web server. If you are running on a server from someone else, look at their help section for secure server or ask the administrator. I have read some books about it but all we appear to be able to do is to encrypt the received raw number before storing it so that the file it is kept in cannot be opened and read. Is that the limit right now? That is the way it is, your cgi program can only do encryptions on the data it has on the server. The encryption during transmission is handled by the protocol used either http on port 80, or https on port 443. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Redirect and cookies
On Fri, 30 Aug 2002 11:01:08 +0200, [EMAIL PROTECTED] (Alex Agerholm) wrote: Hi all, I have a problem with redirect. I have made a login system and when the user has logged in correctly I set a cookie and redirects the user to the first page. But on all pages (including the first one) I make a check to see if the user is logged in based on the cookie. When I redirect from the login page to the first page I therefore need to give the cookie along like: redirect( -uri=xxx.cgi, -cookie=$cookie); BUT IT DOES NOT WORK - my xxx.cgi script does not get the cookie. What can I do to fix this ? Have you checked that the cookie is actually being set in the browser? Then what code are you using to retreive the cookie? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Open new window.
On Mon, 26 Aug 2002 13:48:40 -0500, [EMAIL PROTECTED] (Mikeblezien) wrote: Hello all, this maybe bit off topic, but was hoping someone may have some suggestions. I have simple form that a person makes a selection from a drop box and we would like to open a new window, and resize it similar to using javascript(pop-up window), but can't really use javascript, because we need to do some simple math calculation, which would be produced in the new window that's opened, and would rather not open a full browser new window if at all possible,... and I haven't seen any js scripts that does this. was hoping someone may have done this with perl.. You might try using frames in your cgi. Have a small frame with at the top (or wherever) where you print your results. Keep a logo or something in that frame as default. form . target= top . ... /form -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Mail::Sendmail question
On 21 Aug 2002 22:22:48 -, [EMAIL PROTECTED] (Beans) wrote: Hello, i'm trying to get a perl script to send mail through Mail::Sendmail and it's not working. Maybe there's a really simple solution to this...any help would be greatly appreciated. I'm very new to all this and i have been looking for a solution for days wilth no success. Apache error log: [Wed Aug 21 16:38:05 2002] [error] Premature end of script headers: c:/apache/cgi-bin/testmail.pl testmail.pl script: !c:/perl/bin/perl -w #testmail.pl - Send mail using Mail::Sendmail module Well your shebang line is missing, that is one simple problem. #! -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: browser redirect
On Wed, 21 Aug 2002 17:08:18 +0800, [EMAIL PROTECTED] (Connie Chan)
wrote:
#! /usr/local/bin/perl
use strict;
my $version = do_sth_detect_browser_ver();
my $page = 'surly.cgi';
if ($version = 4) { $page = 'tipsy.cgi' }
print Content-type: text/html\n;
You shouldn't print the regular header with a Location header,
else you risk printing out the literal string 'Location: $page';
print Location: $page\n\n;
# END
Rgds,
Connie
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: bad interpreter
On Wed, 21 Aug 2002 09:51:09 +0100, [EMAIL PROTECTED] (Mat Harris) wrote: why, when i try to run one of my cgi scripts do i get a bad interpreter, file not found error? my shebang line is correct and works for every other perl script i run on that server. btw the script in question is the ikonboard forum solution from www.ikonboard.com. does anyone know of any bugs with it or another reason why i get this apparently incorrect error. 1. you somehow got a space in your shebang line, sometimes they look like #! /usr/bin/perl instead of #!/usr/bin/perl 2. you need to do a dos2unix conversion on the file If that dosn't work, post the top 50 lines of the file, let everyone look. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How fatalsToBrowser works ?
On Sun, 18 Aug 2002 06:08:38 +0800, [EMAIL PROTECTED] (Connie Chan)
wrote:
$main::SIG{__DIE__} = \Die4CGI::die;
*BUT!! I still not understand, how can this overided
the orgional die ? Why shouldn't I write as :
open FH, $file or Die4CGI::die($!) ;
Because your module says above that the MAIN SIG_DIE
is equal to your subroutine Die4CGI::die.
Would anybody tell me more ?
http://users.actcom.co.il/~choo/lupg/tutorials/signals/signals-programming.html
It's written for c, but the idea is exactly the same.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Creating a shopping cart
On Mon, 12 Aug 2002 21:25:18 +0300, [EMAIL PROTECTED] (Octavian Rasnita)
wrote:
Thank you but I want to learn that.
I want to learn how to work with a commerce partner, how should I write the
shopping cart to be able to communicate with them, etc.
Most of these online verification systems accept form posts with all
the data in form fields defined by them, then they return some post
form data to a url you specify. They vary on the field names, required
fields, and some idenification stuff, but are generally similar. So the
best thing to do is go to the website of the verifier that you want to
use, and get their help guide. It will detail the names of the fields
they expect, and most of them have a test server so you can test
verification routines. First do it manually, making a html form with
the fields, and send it. When you can get good results, and learn how
to capture the return results; then try converting it to do the posts
with LWP::UserAgent. Below is an example of one for Bank of America.
I'm sending the form data to an script on my own machine, respgen.pl
which simulates the BOA response, this is for testing offline. It's
listing is below. I give a $url to return the results to, called
boacc.pl. Now this will work with the BOA test server, just change
respgen.pl to the BOA test server address. I would encourage you
to make your own offline test setup, that way you will really see what
is happening from both the bank's end as well as yours.
Go here to get their developer docs, and test a sample transaction.
The url may be wordwrapped.
http://www.bankofamerica.com/merchantservices/index.cfm?template=merch_ic_estores_settle.cfm
By the way, if you want to see this in action, go to
http://zentara.net/store and make a phony purchase.
You can download the sources for this store if they interest you.
##
print qq(
body text=#00 bgcolor=cc link=#00 vlink=#00
alink=#FF
pbfont color=CCThe Bank Of America Credit Card Verification
results:/font/b
$card_no= z($card_no);
my $ua = LWP::UserAgent-new(timeout=45);
my $req = POST
'https://zentara.zentara.net/~zentara/cgi-bin/store/respgen.pl',
[IOC_merchant_id = '4301330018817403',
IOC_order_total_amount = $grand_total,
IOC_merchant_shopper_id = 'susehost',
# IOC_merchant_order_id = $order_id,
IOC_merchant_order_id = $unique_id,
ecom_billto_postal_street_line1 = $street1,
ecom_billto_postal_postalcode = $zip,
ecom_billto_postal_countrycode = $country,
ecom_billto_online_email = $email,
ecom_payment_card_name = $first $last,
ecom_payment_card_number = $card_no,
ecom_payment_card_expdate_month = $exp_mon,
ecom_payment_card_expdate_year = $exp_yr,
url = 'https://192.168.0.1/~zentara/cgi-bin/shop/boacc.pl',
];
my $content = $ua-request($req)-as_string;
print 'Please wait while your credit card is verified br';
verifycc();
}
###
respgen.pl
#
#!/usr/bin/perl
use warnings;
use CGI 'cgi';
use LWP::UserAgent;
our ($secure_server_address,$cgi_directory);
require './store_cfg';
#my $test= 'FALSE'; #set this to simulate a reject
my $test= 'TRUE'; # set this for a good acceptance
my $relay;
my $cgi = new CGI;
my %input= $cgi-Vars();
foreach $name (keys %input){
$value = $input{$name};
$relay .= $name=$value;
}
$relay .= Ecom_transaction_complete=$test;
$relay .= IOC_response_code=0;
open (RT,respgen.test);
print RT $relay;
close RT;
my $ua = LWP::UserAgent-new();
my $req = HTTP::Request-new (POST =
$secure_server_address$cgi_directory/boacc.pl);
$req-content_type('application/x-www-form-urlencoded');
$req-content($relay);
my $res = $ua-request($req);
print $res-as_string;
##
boacc.pl - what I do with the returned data
3
#!/usr/bin/perl
use CGI 'cgi';
use Crypt::RC4;
our $ccpassword;
require './store_cfg';
$ret = new CGI;
%boaresp = $ret - Vars();
my $data = '';
open(BT,boaresp.test);
foreach $name (keys %boaresp){
$value = $boaresp{$name};
print BT $name = $value\n;
if ($name eq 'ecom_payment_card_number'){$value= z($value)}
$data .= $name=$value|;
}
foreach $var (sort(keys(%ENV))) {
$val = $ENV{$var};
$val =~ s|\n|\\n|g;
$val =~ s||\\|g;
print BT ${var}=\${val}\\n;
}
print BT \n--\n;
close BT;
open(VERIFY,+customers/$boaresp{IOC_merchant_order_id}.v) or die
Can't open RETURN: $!\n;
flock VERIFY, LOCK_EX or warn Unable to lock for verify: $!;
if (($boaresp{Ecom_transaction_complete} eq
'TRUE')($boaresp{IOC_response_code} eq 0)) {
print VERIFY VeRiFiEdByZ$boaresp{IOC_merchant_order_id}|;
}else{
print VERIFY REJECTED$boaresp{IOC_merchant_order_id
Re: Postgres Example
On Thu, 8 Aug 2002 10:33:27 -0400, [EMAIL PROTECTED] (Rob) wrote:
Does any one know of an example script that uses the DBI module, connects
to a PostgreSql database, query's the db, and inserts a record.
I've been using flat text files for any storage that I've needed in the
past but would like to move on with the learning process. I've read the
perldoc for DBI but I think a small working example would help me out a
great deal.
Make sure postgres is running, put in your username, make sure the db
ztest is created first. This just fills up a products table with random
data.
#!/usr/bin/perl -w
###
# insert_product : this script will insert records into the
# products table
###
use DBI;
my $database_name = ztest;
my $database= dbi:Pg:dbname=$database_name;
my $db_user = zentara;
my $PRODUCT_TB = products;
# number of record to insert into the table
my $rec_num = 1000;
###
my $dbh = DBI-connect($database,$db_user,) or
die Can't connect to database\n;
$dbh-do(CREATE TABLE products (
name varchar(50),
price int4,
description varchar(50),
pic_location varchar(50)
));
my $sth = $dbh-prepare(INSERT INTO $PRODUCT_TB(name,price,description,
pic_location) VALUES (?,?,?,?));
for ($i = 1; $i = $rec_num; $i++){
my $name = Product $i;
my $price = rand 350;
#my $category = rand 3;
my $desc = Description of product $i;
my $pic = images/product/product.$i..jpg;
$sth-execute($name,$price,$desc,$pic);
}
print Finish inserting $rec_num records into table $PRODUCT_TB\n;
$dbh-disconnect;
exit();
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Sort of questions about CGI
On Sun, 4 Aug 2002 02:46:46 +0800, [EMAIL PROTECTED] (Connie Chan) wrote: many detailed questions on CGI You need to search thru the RFC's for cgi Here's a start: http://cgi-spec.golux.com/ http://www.perl.org/CGI_MetaFAQ.html -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help Needed: Debugging web applications in perl+cgi+php+mysql on apache+ssl
On Sun, 4 Aug 2002 00:17:38 -0700, [EMAIL PROTECTED] (Saurabh)
wrote:
(b)The second solution is to use a perl debugger called ptkdb. I am not sure how much
useful is this ptkdb in debugging a web appplication.
This is your best bet. You need to deal with the xhost issue when try to
do it over a network connection. But you should be doing almost all your
debugging on your local server, then ptkdb will work great.
Just put
#!/usr/bin/perl -d:ptkdb
BEGIN {$ENV{DISPLAY} = :0.0;}
at the top of your script.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why is not the window printed?
On Wed, 31 Jul 2002 15:17:56 +0300, [EMAIL PROTECTED] (Octavian Rasnita)
wrote:
I want to print another page that prints File uploading... while the file
is uploading.
Unfortunately I can't do that.
After pressing the upload button, the page remains the same. It only appears
Opening Page... in the task bar.
Only after the file is uploaded it prints the result page, even a part of
that page is printed before opening and printing the file.
Do you have any idea why?
Well I had to chop down, and slow your script up, to get it to run
for me.
I'm running this on my localhost, so I can't guess what happens over
a serial connection.
I'm guessing that your script is running so fast on the localhost, that
everything appears at once. I put a select(undef,undef,undef,.05)
in there, so the dots would flow. I also had to reduce your buffer size
to get more dots to appear. If you need to resort to these tricks to
get it to work over a serial connection, I'm afraid all you are doing is
slowing down your uploads, maybe you shouldn't use the upload
progress meter? Like I said, this runs on my localhost, showing
progress, but when I try the script from a machine on my LAN,
it prints all the dots at once. There is probably buffering going on
in the ethernet system. This is way too unpredictable to use.
#up2.cgi
###
#!/usr/bin/perl -wT
use strict;
use CGI;
my $q = new CGI;
#The max size of the uploaded file:
$CGI::POST_MAX = 1024 * 1024 * 30;
my $maxfile = $CGI::POST_MAX;
#The folder with the uploaded files:
my $outfolder = uploads;
upload;
sub upload {
my ($filen, $ext);
#Print the start of the page:
$| = 1;
print eof;
Content-type: text/html
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN
http://www.w3.org/TR/html4/loose.dtd;
html lang=en head titleUploading the file.../title
/head
body
div class=center
div class=text_h1
The file is uploading...
/div/div
brbr
eof
my $file = $q-upload('file');
my $filename = $file;
$filename =~ s/^.*\///g;
$filename =~ s/^.*\\//g;
$filename =~ s/\-/_/g;
$filename =~ s/^\.*//g;
$filename =~ s/ /_/g;
my $allpath = $file;
if ($filename =~ /\./) {
$filen = $`;
$ext = $';
}
my $maxtries=4;
for (my $i=1; $i $maxtries; $i++) {
if (-e $outfolder/$filename) {
$filename = $filen . _ . $i . '.' . $ext;
}
}
#Create the file on the server, and print the . on the page:
open(OUT, $outfolder/$filename)
or die Can't open $outfolder/$file for writing. - $!;
binmode OUT;
binmode $file;
while (read($file, my $buffer, 1024)) {
print OUT $buffer;
#Print to the browser to prevent the timeout:
print .;
select (undef,undef,undef,.05);
}
close OUT;
my $filesize = -s $outfolder/$filename;
$filesize = (int(($filesize / 1024) * 10) / 10);
$filesize = $filesize KB;
#Print on the browser:
my $script = 'http://zentara.zentara.net/~zentara/up2.html';
print eof;
brbr
The file $filename was successfully uploaded!br
The file has $filesize.br
div class=center
a href=$scriptGo back if you want to upload one more file./a
nbsp; nbsp;
a href=/Go to main page on Teddy Center!/a
/body/html
eof
#End the subroutine
}
###
#up2.html
##
html
form enctype=multipart/form-data method=post
action=http://zentara.zentara.net/~zentara/cgi-bin/up2.cgi
input type=file name=file
INPUT TYPE=submit VALUE=Send!
/form
/html
##
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why is not the window printed?
On Thu, 01 Aug 2002 11:40:49 -0400, [EMAIL PROTECTED] (Zentara)
wrote:
Hi again, just to tell you I've had better luck with your
script. I tried to flush the stdout when printing .
I think the secret is to force a buffer flush with \n.
I tried :
select STDOUT; $|=1;
print STDOUT .;
but it still buffered the dots when used over a LAN.
I finally got it to work over my LAN with the
following changes. I broke the while loop
that does the reading up, so that each read
is a separate event.
Then I put a \n after the . i.e. print .\n.
Even then the dots came out a line at a time.
So I tried print still uploadingbr\n.
That does it, but it scrolls off bottom of screen.
Anyways, it should work.
The below script works, but you get an awful
lot of messages, but it depends on file size.
Anyways, it was fun trying to figure this out. :-)
#!/usr/bin/perl -wT
use strict;
use CGI;
my $q = new CGI;
#The max size of the uploaded file:
$CGI::POST_MAX = 1024 * 1024 * 30;
my $maxfile = $CGI::POST_MAX;
#The folder with the uploaded files:
my $outfolder = uploads;
upload;
sub upload {
my ($filen, $ext);
#Print the start of the page:
$| = 1;
print eof;
Content-type: text/html
Uploading the file...
bodyhtml
eof
my $file = $q-upload('file');
my $filename = $file;
$filename =~ s/^.*\///g;
$filename =~ s/^.*\\//g;
$filename =~ s/\-/_/g;
$filename =~ s/^\.*//g;
$filename =~ s/ /_/g;
my $allpath = $file;
if ($filename =~ /\./) {
$filen = $`;
$ext = $';
}
my $maxtries=4;
for (my $i=1; $i $maxtries; $i++) {
if (-e $outfolder/$filename) {
$filename = $filen . _ . $i . '.' . $ext;
}
}
#Create the file on the server, and print the . on the page:
open(OUT, $outfolder/$filename)
or die Can't open $outfolder/$file for writing. - $!;
binmode OUT;
while(1){
#while(read($file, my $buffer, 1024)){;
read($file, my $buffer,4096);
last unless $buffer;
print OUT $buffer;
print .still uploading\n;
select (undef,undef,undef,.01);
}
close OUT;
my $filesize = -s $outfolder/$filename;
$filesize = (int(($filesize / 1024) * 10) / 10);
$filesize = $filesize KB;
#Print on the browser:
my $script = 'http://zentara.zentara.net/~zentara/up2.html';
print eof;
brbr
The file $filename was successfully uploaded!br
The file has $filesize.br
div class=center
a href=$scriptGo back if you want to upload one more file./a
nbsp; nbsp;
a href=/Go to main page on Teddy Center!/a
/body/html
eof
#End the subroutine
}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Help with the code please
On Tue, 30 Jul 2002 08:18:27 -0700, [EMAIL PROTECTED] (Soheil Shaghaghi) wrote: Can anyone please help me? It is really hard to tell what you want to do from the information you sent. Your cgi-script dosn't print out any html, nor does it print a location to go to. What do you want? Post the whole working script, or else we can't even guess. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Post to a second CGI script
On Mon, 29 Jul 2002 20:06:09 -0400, [EMAIL PROTECTED] (Jim Lundeen)
wrote:
Here's the question: How to I post the LOGIN_USERNAME and USN to the
MENU.CGI script? I don't want the user carrying the info around in
the Location bar as ?USN=1234LOGIN_USERNAME=somebody -- I want it
to be part of the user's Perl process if you know what I mean, so that
if they hit RELOAD the values are still with them. Too, I don't want
someone trying to modify the info if it were in the Location bar, so
it needs to be a part of the post.
One way is to encrypt the username and password, with some simple
module like RC4, and MIME64(so it's printable), then send them out as
hidden fields in the post forms.
Then at the top of your script, check the username and password before
doing anything else. You could combine the username-password set into
one variable, may be call it $session, separate the two, to split later,
I used a pipe here.
If you are not using https, then the original logon password
will be sent in plain text over the net. There is a new module
out to handle this with javascript, it's called
perl-javascript-MD5-login , and it's on freshmeat.net. It allows you to
hide your password, when not in https. It sends a key, valid for
30 seconds, to a javascript on the browser, which then encrypts
it with MD5.
sections of pseudo-code follow:
##
use Crypt::RC4;
use MIME::Base64;
$s= $username.'|'.$password;
$session1 = RC4($key,$s);
$session= encoded($session1);
##
#always send the hidden field SESSION in all your forms
##
printEND_HTML;
table width=100% border=2 tr
td form method=post target=_self $server_address$cgi
input type=text size=30 name=whatiwant value=default
input type=hidden name=SESSION value=$session
input type=submit value=\DO IT\
/form/td
END_HTML
#
at the top of your script after you decode the params, have a
sub getpass, something like:
###
$ptest = $param{SESSION};
$pd= decode ($ptest);
$pd1= RC4($key, $pd);
($username, $password)= split('|', $pd1);
..
here check they are good names and passwords
..
if good, continue, else send error message
#
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: File upload question
On Sun, 28 Jul 2002 00:51:06 -0700 (PDT), [EMAIL PROTECTED] (Nate)
wrote:
i'm writing a website that requires an upload for pictures. I have figured out how to
get the image, upload it to the correct dirctory and save successfully, but the
problem comes with the fact that i have to specify the filename. i want to know how
to grab the filename from the input of the following script (and by the way, i do not
take credit for this script. i've only been programming in perl for about a day)
It's best to use CGI.pm for uploads, it will handle the
filename for you. In your upload form, set the param file.
See the sample html upload form at the end.
#upload.cgi
###
#!/usr/bin/perl -T
use strict;
use warnings;
use CGI;
$CGI::DISABLE_UPLOADS = 0;
my $query = new CGI;
my $upload_dir = uploads; #permissions for dir are set
my $file = $query-param(file);
my $filename = $file;
$filename =~s/.*[\/\\](.*)/$1/; #some taint checking
open (UPLOADFILE, $upload_dir/$filename);
while ( $file ){
print UPLOADFILE $_;
}
close UPLOADFILE;
print $query-header();
print END_HTML;
HTML
HEAD TITLEThanks!/TITLE /HEAD
BODY bgcolor=#ffbr
PThanks for uploading file : $filename!/P
/BODY
/HTML
END_HTML
#upload.html
#
html
form enctype=multipart/form-data method=post
action=http://zentara.zentara.net/~zentara/cgi-bin/upload.cgi
input type=file name=file
INPUT TYPE=submit VALUE=Send!
/form
/html
###
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: It was a success, but only in Windows, not Unix.
On Sat, 27 Jul 2002 22:38:23 +0300, [EMAIL PROTECTED] (Octavian Rasnita)
wrote:
It is that script for downloading a file then delete it from the server.
I've tried putting the unlink $file line in an END { ... } but this block
it is not executed if the download is cancelled.
Do you have any idea if I have any solution to make it work?
I tested it on linux apache with mozilla. It unlinks the file
if the user cancels the download. If you have people
killing their browser, without cancelling the download,
you may get some files left. Why don't you write the names
of the files, and their start-download times to a file, then
every hour run a script which cleans up files which
didn't get deleted, if their start-download time is older
than 10 minutes.
until (eof FH) {
read (FH, my $buf, 1);
print $buf;
}
Why use read with such a small block size?
This works:
while (FH){print}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: sending bulk emails in perl/sendmail
On Thu, 25 Jul 2002 06:36:40 -0700 (PDT), [EMAIL PROTECTED] (Shao-Ju
Chao) wrote:
I wonder if there is a safer and better way sending email messages to a group of
people.
For example, there is a text file that has all the recipient email addresses:
You can specify your list, 1 email per line in bulkmaillist
#
#!/usr/bin/perl
use strict;
use warnings;
use Mail::Bulkmail;
my $email = '[EMAIL PROTECTED]';
#eval {
my $bulk = Mail::Bulkmail-new(
# LIST = ['[EMAIL PROTECTED]','[EMAIL PROTECTED]'],
LIST = ./bulkmaillist,
GOOD = \good,
BAD = \bad,
From= $email,
Subject = 'Test of Bulkmail',
Message = Hi there, NAME. Mail::Bulkmail seems to work
fine!,
X-test = Bulkmail test!
) or die Mail::Bulkmail-error();
$bulk-bulkmail;
#};
sub good {print Mail successfully sent to (@_)}
sub bad {print Mail did not send to (@_)}
print ...error: $@ if $@;
##
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Checking if a file is downloading
-Original Message-
From: Octavian Rasnita [mailto:[EMAIL PROTECTED]]
I want to check if a certain file is downloading in this
moment by a page
visitor.
Is it possible with Perl?
Another option which is widely used is to have a cgi-script
do the file download, by printing the binary out. That way
you can closely monitor the file downloads. I just printed to
a log, but you could do anything you want. You could have a
cgi program, which checks this log, and tail it.
Then if ($tail =~ /downloading/){print downloading now\n}
Of course you will need to work out what happens if 2 or more
users are downloading at the same time.
###
#!/usr/bin/perl
$file = 'test.tgz';
open (LOG,test-tgz.log) or die Couldn't open log: $!;
print LOG downloading now, start: ,scalar localtime(),\t,
$ENV{REMOTE_ADDR},\n;
printEOH;
Content-type: application/octet-stream
Content-Disposition: attachment\; filename=$file
EOH
binmode STDOUT;
open (FH, $file) or die Can't open $file: $!;
binmode FH;
while(FH){print}
close (FH);
print LOG downloading finished, stop: ,scalar localtime(),\t,
$ENV{REMOTE_ADDR},\n;
close LOG;
exit 0;
##
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Buffer output?
On Mon, 22 Jul 2002 10:40:29 +0300, [EMAIL PROTECTED] (Octavian Rasnita)
wrote:
Hi all,
I've seen the following line in more Perl scripts and even in some Perl
books, but it wasn't very well explained.
$|=1; ## Don't buffer output
What does it mean to buffer output?
Which is the difference if the $| is 0 or 1?
If you want a nice demo of the buffering problem, run
this:
###
#!/usr/bin/perl
#without a newline, it won't print
#until the buffer is 2k
#$|=1; # try it with and without this line commented :-)
while (1){
print 'aa';
select(undef,undef,undef,.03);
}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: multi-page form and cgi.pm
On Wed, 17 Jul 2002 17:17:21 -0400, [EMAIL PROTECTED]
(Andrew Hughes) wrote:
I have been given the task of creating a multi-page form that will consist
of 4 parts. The final page will the list out everything that the users have
entered and ask if they would like to go back to any of the 4 sections to
update the information. Once the users are satisfied with the final
product, they will print it out. I know how to do this with multiple
scripts and html forms and hidden fields. However, I would like to try to
use one script with subroutines. I guess my main stumbling block is passing
hidden form fields between subroutines. Can anyone offer me a simple
example of how to go about passing a form field from one subroutine to
another subroutine where it is a hidden field using cgi.pm? And/Or, can
anyone point me in toward an applicable tutorial?
I like to use here documents, instead of CGI.pm, because it gives me
more control over the output.
Here is an example of a cgi script, which outputs forms with hidden
fields based on the previous submission's input.
You should be able to get the idea.
##start order-action
buttons#
printEND_HTML;
table width=100% border=2 tr
td align=center bgcolor=#00form method=post target=_self
$secure_server_address$cgi_directory/admin.cgi
input type=hidden name=PASSWORD value=$input{PASSWORD}
input type=hidden name=CUST_ID value=$input{CUST_ID}
input type=hidden name=INVACTION value='SHIP'
input type=submit value=\SHIP\
/form/td
td align=center bgcolor=#00form method=post target=_self
$secure_server_address$cgi_directory/admin.cgi
input type=hidden name=PASSWORD value=$input{PASSWORD}
input type=hidden name=CUST_ID value=$input{CUST_ID}
input type=hidden name=INVACTION value='EMAIL'
input type=submit value=\Email\
/form/td
td align=center bgcolor=#00form method=post target=_self
$secure_server_address$cgi_directory/admin.cgi
input type=hidden name=PASSWORD value=$input{PASSWORD}
input type=hidden name=CUST_ID value=$input{CUST_ID}
input type=hidden name=INVACTION value='EDIT'
input type=submit value=\Edit\
/form/td
td align=center bgcolor=#00form method=post target=_self
$secure_server_address$cgi_directory/admin.cgi
input type=hidden name=PASSWORD value=$input{PASSWORD}
input type=hidden name=CUST_ID value=$input{CUST_ID}
input type=hidden name=INVACTION value='BACK ORDER'
input type=submit value=\BACK ORDER\
/form/td
td align=center bgcolor=#00form method=post target=_self
$secure_server_address$cgi_directory/admin.cgi
input type=hidden name=PASSWORD value=$input{PASSWORD}
input type=hidden name=CUST_ID value=$input{CUST_ID}
input type=hidden name=INVACTION value='ADD COMMENT'
input type=submit value=\ADD COMMENT\
/form/td
END_HTML
print /tr/table;
###
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Viruses
On Wed, 17 Jul 2002 23:21:06 -0400, [EMAIL PROTECTED] (Admin) wrote: Please ensure your computers are virus free before sending attachments through this mailing list. In the past 2 weeks I have received notification from my Microtrend PC-cillin of no less than 6 worm/trojan infected files sent through this group. If others on this list do not have adequate virus protection please beware of possible viruses circulating through this email list. I havn't received any viruii thru this list, exactly which messages are you talking about. Maybe you should get rid of MS Windows. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Couple of newbie questions
On Tue, 16 Jul 2002 12:53:33 -0400, [EMAIL PROTECTED] (Kerr Wall) wrote: Hi All, What is the best way to test and debug? My vote is to use the ptkdb module. It is a graphical tk debugger for perl. It's beautiful, you can make break points, and list variable values; just watch the variables change as you step thru the script. It works remotely for cgi too. There are a bunch of tutorials on how to use it out there. Do a google search for ptkdb cgi tutorial. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Benchmarking
On Mon, 15 Jul 2002 08:30:45 -0500, [EMAIL PROTECTED] (Camilo Gonzalez) wrote: Good Kind Perl Gurus, I see mention of benchmarking CGI scripts to see how quickly they run. What's the best way to do this? I'm in a hosted Unix IRIX environment so may not have access to the shell and other areas. I'll hazard a guess. You just just wrap your cgi script in some benchmarking code, and print the benchmark results to a file. Then average out the times. Of course, you know that there are alot more things involved in cgi programs, like the connection speed, etc. These things all vary from one instance of the cgi script to the next; but if you average a large number of benchmark times, over a week or two, you could get a good guestimate. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: File Storage
On Mon, 15 Jul 2002 15:26:56 -0400, [EMAIL PROTECTED] (Jess Balint) wrote: Hello all. I just have a quick question. I am writing a small guestbook program to put into a web site. I want to put the information into a DBm file. The web site host says 'cgi-bin access'. I know apache usually runs under its own user. So where am I to put the dbm files at? Shall I create a folder in my home directory and grant write permissions to the apache user on it? Thanks. Make a sub-directory in cgi-bin called dbhome, and chmod it 777. If you could somehow initialize the db yourself, you could improve security by making dbhome 755 and just have the db files mode 777. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: graphic on-the-fly
On Mon, 15 Jul 2002 15:03:45 +0200, [EMAIL PROTECTED] (Konrad Foerstner) wrote: Hey folks, I would like to have a script which produces graphics on the fly,b ut there are some problems: - When I write the graphic-file to /tmp/ I can't open it by writing img src=/tmp/pic.png in the page the script produces. But the pictures is verifiable there. - So, I tryed an alternativ: Pictures in the /var/www/ I can open in the page the script produces by writing img src=http://localhost/pic.png;. But here is the problem, that the script can't write the file to /var/www/ and get a Permission denied even I give everyone the right to write to that folder (actually I don't like this method because of the security hole) Any solutions? It depends on how you use the image. If it is just generated once, for that page, you can just output the image directly from the cgi by printing it. The GD and ImageMagick modules have methods for printing directly to the browser. Or you can open the picture in your cgi program, and just print it in binary mode to the browser. If you need to keep the picture around for awhile, you will need to figure out the permissions. It is possible to make a 777 directory under your main http directory, just for images, and you should be able to serve the picture from there. Otherwise, post more details of exactly what you need to do with the picture. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Downloading more files?
On Fri, 12 Jul 2002 16:46:48 +0300, [EMAIL PROTECTED] (Octavian Rasnita) wrote: Hi all, Please tell me if what I want is possible or not. I want to make a Perl script that will prompt the visitor to download more files, not only one, for example 3 files. Of course, after selecting them, etc. If I use print Location: $path\n\n; The script ends after the first file. If it is possible, please give me a hint, or just tell me if this is not possible. I don't think you can do this easily. The http protocol is setup so that you can't force someone to download files, they only can get ones they specifically request. What you might do, is set up a form to let the user select the files, take the files and zip them up into one zip package, and send out a page with the zip package listed as a link. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Downloading more files?
On Sun, 14 Jul 2002 13:04:49 -0400, [EMAIL PROTECTED] (Zentara)
wrote:
I don't think you can do this easily. The http protocol is setup so that
Forget that, I got industrious this afternoon, and looked into how to do
it. Here it is. It works great, sends 1 file right after the other.
download-multi.cgi
#!/usr/bin/perl
$boundary_string = \n . --End . \n;
$end_of_data = \n . --End-- . \n;
@file_list = (test.tgz,test1.tgz,test2.tgz);
printEOH;
Content-type: multipart/x-mixed-replace\;boundary=End
EOH
foreach $file (@file_list){
send_file ($file);
print $boundary_string;
}
print $end_of_data;
exit(0);
sub send_file
{
local ($file) = @_;
if ( (open (FILE, $file)) ) {
printEOF;
Content-type: application/octet-stream
Content-Disposition: attachment\; filename=$file
EOF
binmode FILE;
print FILE;
close (FILE);
}else{print Cannot open file $file!}
}
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Less than a second?
On 12 Jul 2002 19:03:43 -, [EMAIL PROTECTED] (Felix Geerinckx) wrote: on Fri, 12 Jul 2002 15:35:06 GMT, Zentara wrote: On 12 Jul 2002 12:16:39 -, [EMAIL PROTECTED] (Felix Geerinckx) wrote: on Thu, 11 Jul 2002 11:26:05 GMT, Octavian Rasnita wrote: I want to calculate how much time a Perl script runs. Can you tell me how to calculate using fractions of a second? [...] The select function works too. select(undef,undef,undef,.05); gives a 5 millisecond delay perldoc -f select And how would you use this to determine the running time of a Perl program? Good question. :-) I guess you would need to use a loop and some sort of IPC. I would use time, myself. time myscript.pl -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Less than a second?
On 12 Jul 2002 12:16:39 -, [EMAIL PROTECTED] (Felix Geerinckx) wrote: on Thu, 11 Jul 2002 11:26:05 GMT, Octavian Rasnita wrote: I want to calculate how much time a Perl script runs. Can you tell me how to calculate using fractions of a second? Use the Time::HiRes module. See http://search.cpan.org/search?dist=Time-HiRes The select function works too. select(undef,undef,undef,.05); gives a 5 millisecond delay perldoc -f select -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
