"Grierson, Garry (UK07)" wrote:
>
> I had pretty much exactly the same problem, if you look at the 'Security
> Suggestions Please!' thread on the beginners-cgi archive at
> http://archive.develooper.com/beginners-cgi%40perl.org/ you can see what
>
> > -Original Message-
> > From: Wagner
Please forgive the formatting of this message, I am using Lotus Notes (nuff
said)...
First off, this is NOT a "Perl security issue". It doesn't matter what
language you do this in, the results would be the same...
Now, if you want to pass a username and password securely, you'll want to
use SS
The way I read it he wanted to use the same ID and password to verify entry
to more than one page, what the previously mentioned thread deals with are
ways to encrypt or hide the user/password values.
I was trying so show that like me he is possibly going about it the rwong
way and should rethink
How about we just stop commenting on this. Most of us would like to move on
get back to Perl questions.
-Original Message-
From: Chuck [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 10, 2001 20:41
To: Inspirational Michael; Kipp, James; [EMAIL PROTECTED]
Subject: Re: Shit
Hi there,
I had the same problem...now I'm sending a random valued cookie to the user's browser
and to the user table in a database.
I compare the value of the cookie in the browser against the value in the database if
it matches voila! it's the user.
You could use a text file to store the us
Hi,
Thanks everybody for the help...
I think I have the solution...
This site doesn't need so much security so I'm not worryed if someone is
using a sniffer...
I just don't want everyone to do "view source" and see the password in plain
text so i'm going to use md5 or sha-1 to solve it.
Thank
Hi Jan-Willem,
thanks a lot because, with "use LWP::Simple;" module I solved my
problems.
Thanks again !!
Angelo
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
to do so I use CGI.pm module,
$query = new CGI;
...
don't insert header before the redirection!!!
In such a case it don't work.
$query->redirect("THE URL");
that is't and is work fine.
Denis
-Original Message-
From: Grierson, Garry (UK07) [mailto:[EMAIL PROTECTED]]
Sent: Thursday, Oct
Perhaps but WE can't help you. It should be taken offline with an
administrator for the courtesy of others on this list.
-Original Message-
From: Chris Wilson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 11, 2001 12:18
To: padula, domenic
Subject: Re: Everyone please move on R
Whether the unsubscribe script works or not, the real issue is whether one
can articulate one's thoughts without resorting to profanity. Anyone who
thinks cuss words will make him/her sound smarter than the "holier than
thou", is completely missing the point - no one professes perfection here.
Poi
NAME
beginners-faq - FAQ for the beginners-cgi mailing list
1 - Administriva
1.1 - I'm not subscribed - how do I subscribe?
Send mail to <[EMAIL PROTECTED]>
You can also specify your subscription email address by sending email to
(assuming [EMAIL PROTECTED] is your email addr
$thread = "profanity reeks of a basic lack of education";
print "this thread just ", (split(/\s/, $thread))[1];
__END__
-Sx- :/
On Thursday, October 11, 2001, at 01:26 PM, aurillo, gabriel wrote:
> Whether the unsubscribe script works or not, the real issue is
> whether one
> can articulate
I've been following this list with the digest version for some time now
and have started using the -T swith in all of the scripts that I write
now. Unfortunately, I don't know how to send e-mail with the -T switch
turned on. I would normally do it like this...
/usr/bin/perl -wT
use strict;
my
--- Wagner Garcia Campagner <[EMAIL PROTECTED]> wrote:
>
> This site doesn't need so much security so I'm not worryed if someone is
> using a sniffer...
Wagner,
That is begging for trouble. My apologies in advance for the rather serious tone
here. Here's a
quote from a friend's email:
--
--- Wagner Garcia Campagner <[EMAIL PROTECTED]> wrote:
>
> This site doesn't need so much security so I'm not worryed if someone is
> using a sniffer...
Wagner,
That is begging for trouble. My apologies in advance for the rather serious tone
here. Here's a
quote from a friend's email:
--
>
> my($name) = "John";
> my($mailprog) = '/usr/sbin/sendmail';
> my($recipient) = '[EMAIL PROTECTED]';
> open (MAIL, "|$mailprog -t"); #The script fails here
Try this:
open (MAIL, "|-", "$mailprog" , "-t"); #avoids using the shell
or you can do at the top of script:
$ENV{PATH} = 'bin:/usr/bi
open (MAIL, "|-", "$mailprog" , "-t");
gives me the following in the error log...
Can't use an undefined value as filehandle reference at
/home/rob/cgi-bin/completeOrder.cgi line 9.
On Thu, 11 Oct 2001, Kipp, James wrote:
> >
> > my($name) = "John";
> > my($mailprog) = '/usr/sbin/sendmail';
Rob wrote:
> I've been following this list with the digest version for some time now
> and have started using the -T swith in all of the scripts that I write
> now. Unfortunately, I don't know how to send e-mail with the -T switch
> turned on. I would normally do it like this...
>
> open (MAIL,
> open (MAIL, "|-", "$mailprog" , "-t");
try changing $mailprog to "/usr/sbin/sendmail"
>>
> Can't use an undefined value as filehandle reference at
> /home/rob/cgi-bin/completeOrder.cgi line 9.
did you try :
or you can do at the top of script:
$ENV{PATH} = 'bin:/usr/bin'; # restrict the
This thread has been closed. Take it off-list. Everyone chiming in with their
$.02 will not solve anything, and does not help the signal/noise ratio of the
list. Thank you for your cooperation.
Cheers,
Kevin
On Thu, Oct 11, 2001 at 01:26:06PM -0400, aurillo, gabriel ([EMAIL PROTECTED])
said som
Thanks, this one worked.
$ENV{PATH}='/usr/sbin';
my($mailprog) = 'sendmail';
my($recipient) = '[EMAIL PROTECTED]';
open (MAIL, "|$mailprog -t") ;
#Do mail stuff
delete $ENV{PATH};
:wq
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Aawww, Itdel weedle padula got dawere feelings hwurt.
)-8
-Original Message-
From: "aurillo, gabriel"<[EMAIL PROTECTED]>
To: "padula, domenic"<[EMAIL PROTECTED]>,
"'[EMAIL PROTECTED]'"<[EMAIL PROTECTED]>
Date: Thu Oct 11 10:26:06 PDT 2001
Subject: Re: Everyone please move on RE: Sh*
Hi,
Is there a simple way to determine if a variable contains a number or (one
or more) alpha-nummeric characters ?
Vriendelijke groet,
Rene Verharen
[EMAIL PROTECTED]
http://www.verharen.net
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED
[EMAIL PROTECTED] (Inspirational Michael) writes:
> Who cares, just get me off
if you had tried writing to [EMAIL PROTECTED] you would have
received instructions that surely would have worked (except if your
setup is broken). In case you can't get it to work, it would also
have included instruc
page 75 of the Camel book ..
$cnt = tr/0-9//; count the digits in $_
hope this gets you started ...
-Original Message-
From: Rene Verharen [mailto:[EMAIL PROTECTED]]
Sent: October 11, 2001 15:59
To: Beginners-CGI List
Subject: Determine number or word
Hi,
Is there a simple way to d
I have several CGI's that use system() to get various OS details.
What is the most reliable way to glean this information after using this
command:
For example:
#!/bin/perl
system("ls -l /tmp")
How can I get that data?
Thanks,
CC
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For addition
On Thu, 11 Oct 2001, Chuck wrote:
> I have several CGI's that use system() to get various OS details.
>
> What is the most reliable way to glean this information after using this
> command:
>
> For example:
>
> #!/bin/perl
>
> system("ls -l /tmp")
>
> How can I get that data?
Use backticks:
my
Dude, assign it to a variable.
$tempdir = system("ls -l /tmp")
-Original Message-
From: Chuck [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 11, 2001 3:42 PM
To: PERL-CGI List
Subject: Easy way to get output from system()
I have several CGI's that use system() to get various OS de
You might want to try using readdir() and opendir() instead.
Anyone using backticks in the cgi can cause security holes if
they do not use taint. Also, using backticks spawns a separate
shell, instead of running in the perl memory space.
-James
-Original Message-
From: Brett W. McCoy
On Thu, 11 Oct 2001, Camilo Gonzalez wrote:
> Dude, assign it to a variable.
>
> $tempdir = system("ls -l /tmp")
No, that only gives you the exit status of the called program (which you
then need to divide by 256 to do anything useful with). using `` or qx()
will give the output of the called p
Arg, I am going crazy. Ok, it has been a long time since I was kneee deep in
perl, but why does this not work:
printf "%-10d bytes", $x;
It does not pad the output with spaces or anything.
if x = 25
this is the result:
25 bytes
I want it tobe:
25 bytes
Anyone have any ideas. I jus
Try:
printf "%10d bytes", $x;
Vinicius
-- Chuck <[EMAIL PROTECTED]> wrote:
> Arg, I am going crazy. Ok, it has been a long time since I was kneee deep in
> perl, but why does this not work:
>
>
> printf "%-10d bytes", $x;
>
> It does not pad the output with spaces or anything.
>
>
Nothing is working, I have tried every permutation.
%20s
%-20s
%20d
%-20d
In fact, what you just suggested caused the number to display as a negative.
Any ideas??
-CC
- Original Message -
From: "Vinicius Jose Latorre" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Here is a snippet:
printf "$freespace bytes free.\n";
printf "$shipsize bytes being shipped.\n";
Here is the output:
3282567168 bytes free.
359731200 bytes being shipped.
Here is a snippet:
printf "%20d bytes free in $phost:/var/tmp\n", $freespace;
printf "$shipsize bytes being shipped.\n";
H
I tried:
#!/usr/bin/perl -w
my $x = 25;
printf "%-10d bytes\n", $x;
printf "%10d bytes\n", $x;
The result is:
25 bytes
25 bytes
Could you give more information about your system (Perl version, OS, etc.)?
Vinicius
-- Chuck <[EMAIL PROTECTED]> wrote:
> Nothing is
Maybe you should use Math::BigInt.
I've just tried:
#!/usr/bin/perl -w
use Math::BigInt;
my $x = 25;
printf "%-10d bytes\n", $x;
printf "%10d bytes\n", $x;
my $freespace = Math::BigInt->new (3282567168);
printf "%-20s bytes\n", $freespace;
printf "%20s bytes\n", $freespa
I wish everyone would stop quoting entire threads just to say 'stop'...
HTH;
-Sx- :]
On Thursday, October 11, 2001, at 03:12 PM, Kevin Meltzer wrote:
> This thread has been closed. Take it off-list. Everyone chiming in
> with their
> $.02 will not solve anything, and does not help the signa
On Thu, 11 Oct 2001, Chuck wrote:
> Arg, I am going crazy. Ok, it has been a long time since I was kneee deep in
> perl, but why does this not work:
>
> printf "%-10d bytes", $x;
Remove the -
printf "%10d", $x;
Works for me.
-- Brett
http://www.chapel
On Thu, 11 Oct 2001, Chuck wrote:
> Nothing is working, I have tried every permutation.
I tried this right on the command line:
$ perl -e 'printf "%10d\n", 25'
25
-- Brett
http://www.chapelperilous.net/
-
On Thu, 11 Oct 2001, Chuck wrote:
> Here is a snippet:
> printf "%20d bytes free in $phost:/var/tmp\n", $freespace;
> printf "$shipsize bytes being shipped.\n";
>
> Here is the output:
> -1012379648 bytes free in smh4:/var/tmp
> 359731200 bytes being shipped.
It's because 3282567168, apparently,
does anybody can help me...
the script below has been change 'chown root.root checklogin.pl'
## Start Script ###
$passwdfile = "/etc/shadow";
open (PASSWD, $passwdfile) or exit 1; # Always exit when we running not as root
while (defined($line = )) {
chomp($line);
($usr,$pswd) = (split(/
Thanks,
I've just had a look at it, and it looks pretty good.
However I've bookmarked it for later, as I'm still working my way through
both 'learning perl' and the cgi.pm man page!
I think I'll probably start dreaming in perl soon:)
carl
www.fireartist.com
--
>From: Mark Bergeron <[EMA
He is correct.
-Original Message-
From: Inspirational Michael [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 10, 2001 12:57 PM
To: [EMAIL PROTECTED]
Subject: Of this Shit
Brother I understand that may work in most instances, but, believe me, I
have worked with Randal on this and be
I seem to have got a little muddled yesterday, sorry.
What I think you want is to be able to declare the
"Content-type:text/html\n\n"; HTTP header type, so you can print some HTML
etc.
Then be able to automatically link to different pages (or print) based on
variable values, in this case you can'
This thread is closed. Take it elsewhere.
Cheers,
Kevin
On Wed, Oct 10, 2001 at 04:43:25PM -0700, Dean Theophilou ([EMAIL PROTECTED])
said something similar to:
> "Jack ass" has 3 meanings.
>
> 1) Another word for a donkey;
> 2) A derogatory reference to someone who is stubborn;
> 3) A descrip
45 matches
Mail list logo
