[Novalug] a perl question
Megan Larko
larkoc@iges.org
Fri Jan 5 11:08:07 EST 2007
Howdy,
To make it linux-related it is perl version 5.8.8 for x86_64 FC4 linux.
I am writing a script that will allow scientists to enter information about a data set the scientist
is releasing to a test-study group. The output of the perl script is a data.table.html file that
may be viewed on the web by anyone. Not just anyone can get to the script to enter the info. I
would like to be relatively secure in writing the script. I would like to use the -w -T and use
strict option. The -w is cool; the use strict stops the program from running with the following
errors:
[root@localhost cgi-bin]# ./news.data.test.cgi
Global symbol "@pairs" requires explicit package name at ./news.data.test.cgi line 45.
Global symbol "@pairs" requires explicit package name at ./news.data.test.cgi line 47.
Global symbol "%FORM" requires explicit package name at ./news.data.test.cgi line 53.
Global symbol "%FORM" requires explicit package name at ./news.data.test.cgi line 55.
Global symbol "%FORM" requires explicit package name at ./news.data.test.cgi line 55.
Global symbol "%FORM" requires explicit package name at ./news.data.test.cgi line 56
(for each and every FORM line entry, and then finally...)
Execution of ./news.data.test.cgi aborted due to compilation errors.
I have initialized my variables with "my $var = "";" This included variables obtained from the
FORM such as $FORM{'ContactEmail'} and $FORM{'name'} as my $ContactEmail = ""; and my $name = "";
But the string FORM, I could not get to initialize. a my $FORMP'ContactEmail'} did not work
(syntax error on my part maybe?) Also I do use the $ContactEmail as a var without the $FORM prefix
elsewhere. What "explicit package" does it want?
I am attaching the script (117 ASCII lines) so that those who wish to look may find the line
numbers. BTW, it works successfully without the "use strict" but as it is a web form I would like
to use better security/checking measures.
Thank you,
megan
-------------- next part --------------
#!/usr/bin/perl -w
use strict;
### Unbuffer the output ###
use FileHandle;
STDOUT->autoflush(1);
my $mytime = scalar(localtime());
my $server = $ENV{'SERVER_NAME'};
my $host = $ENV{'REMOTE_HOST'};
my $page = $ENV{'SCRIPT_NAME'};
my $mailprog = '/usr/sbin/sendmail';
#Meg my $mailprog = '/usr/bin/mail';
#Meg my $recipient = 'larkoc@cola.iges.org';
my $recipient = 'larkoc';
# Initialize vars
my $buffer = "";
my $pair = "";
my $dir1 = "";
my $name ="";
my $value ="";
my $ContactEmail ="";
my $datatype ="";
my $dataname ="";
my $dataDesc ="";
my $dataX ="";
my $dataY ="";
my $dataCtr ="";
my $dataStartLat ="";
my $dataStartLon ="";
my $dataEndLat ="";
my $dataEndLon ="";
my $dataMeet ="";
my $dataFormat ="";
my $dataURL ="";
my $mybrowser ="";
my $FORM = "";
print "Content-type: text/html\n\n";
# Flush stdout buffer
$| = 1;
print "<Head><Title>NASA NEWS Investigators Data Table</Title></Head>";
print "<BODY>\n";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}
if ($FORM{'ContactEmail'} eq "") {$FORM{'ContactEmail'} = '';}
if ($FORM{'name'} eq "") {$FORM{'name'} = '';}
print "<IMG SRC=\"header_news.jpg\" ALT=\"NEWS logo\" HEIGHT=\"100\" WIDTH=\"600\"><BR>\n";
print "Your form submission to NEWS Data has been sent.\n";
open (MAIL, "|$mailprog $recipient ") || die "cant open $mailprog!\n";
print MAIL "Subject: NEWS Data Test\n";
print MAIL "This is a Web page from $FORM{'name'}\n";
print MAIL "\n";
print MAIL "The dataset name: $FORM{'dataname'}\n";
print MAIL "Type: $FORM{'datatype'}.\n\n";
print MAIL "Special Instructions: $FORM{'dataDesc'}\n";
print MAIL "\n";
print MAIL "---------------------------------------------------------------------------\n";
print MAIL "Statistics from: $FORM{'name'} at $FORM{'ContactEmail'}\n";
print MAIL "\n";
print MAIL "The time sent was $mytime \n";
print MAIL "The browser used to access my Web page: $ENV{'HTTP_USER_AGENT'}\n";
print MAIL "The server used to process my Web page: $ENV{'SERVER_NAME'}\n";
print MAIL "---------------------------------------------------------------------------\n";
print MAIL "\n";
close (MAIL);
print "<P>\n";
print "<CENTER>\n";
print "Your dataset description update to the NASA Energy and Watercycle site has been received.<BR> Please visit <A HREF=\"http://192.239.87.211/data.news.table.html\">the NEWS data
table to view the current descriptions (and holdings)</A><P>\n";
print "The current time is: $mytime <BR>\n";
print "<A HREF=\"http://www.nasa-news.org/\">Return to NEWS Page</A>\n";
print "</CENTER>\n";
print "</BODY>\n";
print "</HTML>\n";
# Write updated information to file "survey.response"
if ($mybrowser =~ /MSIE/) {
$dir1="/var/www/response/IE";
} else {
$dir1="/var/www/response";
} # Ends browser if block
if (open(RESPONSE, ">$dir1/survey.response")) {
flock RESPONSE, 2; #lock file to assure only single-access
print RESPONSE "$FORM{'name'} XX $FORM{'ContactEmail'} XX $FORM{'datatype'} XX $FORM{'dataname'} XX $FORM{'dataX'} XX $FORM{'dataY'} XX $FORM{'dataCtr'} XX $FORM{'dataStartLat'} XX $FORM{'dataStartLon'} XX $FORM{'dataMeet'} XX $FORM{'dataEndLat'} XX $FORM{'dataEndLon'} XX $FORM{'dataFormat'} XX $FORM{'dataURL'} XX TEXT: $FORM{'dataDesc'} \n";
} else { print "<center>Can't open $dir1/response</center>\n";
} #Ends fi open and releases flock
close (RESPONSE);
# Replace old response file with new response file
# Run 4 times to remove all spaces from system data program; replace some with underscore
$mytime =~ s/\s+//;
$mytime =~ s/\s+//;
$mytime =~ s/\s+/_/;
$mytime =~ s/\s+/_/;
#print "mytime $mytime \n\n";
rename ("$dir1/survey.response","$dir1/survey.response.$mytime") || print
"Cannot rename response\n";
### Now chdir response and run pagegen.
chdir $dir1;
# NOTE: system forks then execs; exec just executes
system "ls > infile.list";
system "./pagegen.pl";
More information about the Novalug
mailing list