Jean-Baptiste.Claude wrote:
> Hi,
> My cgi script has been written in order to collect some parameters
> (with the POST method) but actually if I want to record them, I can
> just put them in a pre-existent file. I am unable to create a new
> file, even with a 'chmod 777' on my directory...
> I would have a result like this:
>
> #####test.cgi##########
> $name=$$.$var;
> if ( ! -f ./$name){
> open (OUT,">$name");
> }
> foreach $i (@DATA){
> ...
> print OUT "$i\n";
> ...
> }
> close OUT;
1. You should not make any assumptions about the current working directory
in a script like this. Always specify a full path to files.
2. You say the file is "preexisting", but you're using $$ in the filename,
which is your process ID number. How is the file preexisting?
3. You need to open the file whether or not it exists. If you want to append
to the existing contents, then open in append mode.
4. Always check the return value from open().
5. Where is $var coming from? If it's coming from the client's request, you
need to be careful. Be sure to use taint mode in your script and read the
perldoc perlsec page for issues related to using tainted data.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
