[16812] in Perl-Users-Digest
Perl-Users Digest, Issue: 4224 Volume: 9
daemon@ATHENA.MIT.EDU (Perl-Users Digest)
Tue Sep 5 01:52:50 2000
Date: Mon, 4 Sep 2000 21:05:17 -0700 (PDT)
From: Perl-Users Digest <Perl-Users-Request@ruby.OCE.ORST.EDU>
To: Perl-Users@ruby.OCE.ORST.EDU (Perl-Users Digest)
Message-Id: <968126717-v9-i4224@ruby.oce.orst.edu>
Content-Type: text
Perl-Users Digest Mon, 4 Sep 2000 Volume: 9 Number: 4224
Today's topics:
ANNOUNCE: System::Index 0.1 <jdb@wcoil.com>
ANNOUNCE: Tie::EncryptedHash 1.0 (Vipul Ved Prakash)
Re: another appending (that is write over) files <star@sonic.net>
CGI programming book unicef2k@my-deja.com
Re: CGI programming book <admin@salvador.venice.ca.us>
Re: CGI programming book <theaney@toadmail.toad.net>
Re: CGI programming book (Clinton Pierce)
Compiling Perl for Teminal behavior hwestiii@zdnetmail.com
Re: cookies and SSI's (Keith Calvert Ivey)
Re: How to make eval() secure with backtick? (R. Bernstein)
Re: How to make eval() secure with backtick? (R. Bernstein)
Re: How to make eval() secure with backtick? (Mark-Jason Dominus)
Re: How to make eval() secure with backtick? (Mark-Jason Dominus)
Re: How to make eval() secure with backtick? (Mark-Jason Dominus)
Re: Inserting todays date <westxga@my-deja.com>
locking databases in perl pohanl@my-deja.com
Match any character w/ regular expressions <toddcw@my-deja.com>
name of downloaded file ... <pilsl@goldfisch.atat.at>
Re: name of downloaded file ... <tina@streetmail.com>
Re: Optimization of Perl code <pilsl@goldfisch.atat.at>
Perl/CGI file transfer <alanhll@alphalink.com.au>
Re: Perl/CGI file transfer <philipg@atl.mediaone.net>
Re: Security question <jhiller@online-testing.net>
Re: Seperating text and integers from a variable <bart.lateur@skynet.be>
Tie::EncryptedHash 1.0 (Vipul Ved Prakash)
Re: Unexpected Module name in first parameter to subrou <bart.lateur@skynet.be>
Using AI::NeuralNet::Mesh to 'learn' CPU load <jdb@wcoil.com>
Re: using the value of a variable for another varible's (Gwyn Judd)
Re: using the value of a variable for another varible's (Mark-Jason Dominus)
version problem? <asleep@thewheel.com>
Digest Administrivia (Last modified: 16 Sep 99) (Perl-Users-Digest Admin)
----------------------------------------------------------------------
Date: 4 Sep 2000 05:05:31 GMT
From: "Josiah Bryan" <jdb@wcoil.com>
Subject: ANNOUNCE: System::Index 0.1
Message-Id: <sr8gf56la6e29@corp.supernews.com>
Greetings Perlfolk,
Announcing the release of System::Index, version 0.1
It is available for download from: (**recomended URL**):
http://www.josiah.countystart.com/modules/get.pl?sysidx:clpa
System::Index has also entered the CPAN as:
file: $CPAN/authors/id/J/JB/JBRYAN/System-Index-0.1.zip
size: 4049 bytes
** SYNOPSIS
use System::Index;
my $cpu_load = cpu_index(); # Averages 0.120 on my system, 'light' load
my $mem_load = mem_index(); # Averages 0.88 on my system, 'light' load
my $hd_load = hd_index(); # Averages 0.250 on my system, 'light' load
** VERSION
This is Version 0.1 ($Id: System::Index.pm, v0.1 2000/04/09 12:27:05 josiah
Exp $).
** DESCRIPTION
This is a simple load-measure for memory, CPU, and hard-disk access. It
requires
Benchmark and Export. It measures the load with a simple timethis()
benchmark loop
with a few stat functions thrown in for good measure.
** CLOSING
Regards,
~ Josiah Bryan, <jdb@wcoil.com>
Latest Version:
http://www.josiah.countystart.com/modules/get.pl?sysidx:clpa-
--
Josiah Bryan
VP of Product Development
TDCJ, Inc.
"Anything is possible."
vp@tdcj.com
http://www.josiah.countystart.com/
Tel: 937.316.6256
------------------------------
Date: 4 Sep 2000 22:21:49 GMT
From: vipul@shell2.ba.best.com (Vipul Ved Prakash)
Subject: ANNOUNCE: Tie::EncryptedHash 1.0
Message-Id: <slrn8r883s.l0i.vipul@shell2.ba.best.com>
Tie::EncryptedHash 1.0 has been uploaded to CPAN.
NAME
Tie::EncryptedHash - Hashes (and objects based on hashes) with
encrypting fields.
SYNOPSIS
use Tie::EncryptedHash;
my %s = ();
tie %s, Tie::EncryptedHash, 'passwd';
$s{foo} = "plaintext"; # Normal field, stored in plaintext.
print $s{foo}; # (plaintext)
$s{_bar} = "signature"; # Fieldnames that begin in single
# underscore are encrypted.
print $s{_bar}; # (signature) Though, while the password
# is set, they behave like normal fields.
delete $s{__password}; # Delete password to disable access
# to encrypting fields.
print $s{_bar}; # (Blowfish NuRVFIr8UCAJu5AWY0w...)
$s{__password} = 'passwd'; # Restore password to gain access.
print $s{_bar}; # (signature)
$s{_baz}{a}{b} = 42; # Refs are fine, we encrypt them too.
DESCRIPTION
Tie::EncryptedHash augments Perl hash semantics to build secure,
encrypting containers of data. Tie::EncryptedHash introduces special
hash fields that are coupled with encrypt/decrypt routines to encrypt
assignments at STORE() and decrypt retrievals at FETCH(). By design,
encrypting fields are associated with keys that begin in single
underscore. The remaining keyspace is used for accessing normal hash
fields, which are retained without modification.
While the password is set, a Tie::EncryptedHash behaves exactly like a
standard Perl hash. This is its transparent mode of access. Encrypting
and normal fields are identical in this mode. When password is deleted,
encrypting fields are accessible only as ciphertext. This is
Tie::EncryptedHash's opaque mode of access, optimized for serialization.
Encryption is done with Crypt::CBC(3) which encrypts in the cipher block
chaining mode with Blowfish, DES or IDEA. Tie::EncryptedHash uses
Blowfish by default, but can be instructed to employ any cipher
supported by Crypt::CBC(3).
AUTHOR
Vipul Ved Prakash <mail@vipul.net>
LICENSE
Artistic.
------------------------------
Date: Mon, 04 Sep 2000 23:36:47 GMT
From: arthur <star@sonic.net>
Subject: Re: another appending (that is write over) files
Message-Id: <B5D82EB6.7DB3%star@sonic.net>
in article B5D3E2A2.7B65%star@sonic.net, arthur at star@sonic.net wrote on
9/1/00 9:23 AM:
>
> Good Morning People,
>
> Colin Keith gave me this line to help me:
>
> open(FH, "</files/saved/copies/$my_unique_user_id.dat");
> my($cgi) = CGI->new(\*FH);
>
> I am confused by the path:/files/saved/copies/$my_unique_user_id.dat
> Should that be the path on my server?
>
> He also gave me this line: $cgi->param('varable_name');
> but I am unclear how to use it.
>
> I want to add the above to the following program and have it save the new
> copy of dat as 'name'
> ----------
> #!/usr/bin/perl -w
>
> use CGI qw(:standard);
> use CGI::Carp qw(fatalsToBrowser);
> use IO File;
> use strict;
> use File::Copy;
>
> print header;
> print start_html('A Simple Example'),
> #I get the variable 'name' so I have somewhere to hold the new data
> #permanently
> start_form,
> "The name of your game is: ",textfield('name'),
> p,
> #'question' is the variable that holds the new data that I want saved as
> #'name' Another program uses 'dat' so that name can not change. But the data
> #I want saved
> "What are your questions? ",textfield('question'),
> p,
> submit,
> end_form,
> hr;
> if (param()) {
> print "The name of your game is: ",em(param('name')),
> p,
> "Your questions are: ",em(param('question')),
> p,
> #I open the file Handle HOPE that is the document 'dat' I want to
> #write over dat with the new 'question' from the form yet save the new data
> # as 'name'
> open (HOPE, ">/home/www_pages/star/dat") || die print "cant open: $!\n";
> (my $question = param('question')) =~ s/,/","/g;
> if ( $question !~ /^".+"$/ ) {
> print " WARNING: No quotes around your questions\n";
> die;};
> print HOPE $question;
> close HOPE;
> print end_html;
> }
>
>
> It is a great learning experience,
> ~arthur
> star@sonic.net
>
I see all I have to do is close and open it again and it will write over
what was there.
Sometime you have to experement,
~arthur
------------------------------
Date: Mon, 04 Sep 2000 22:17:11 GMT
From: unicef2k@my-deja.com
Subject: CGI programming book
Message-Id: <8p1711$ql8$1@nnrp1.deja.com>
I recently landed a job as a web programmer.
Can someone recommend a CGI programming book? Or is there a site where
I can find reviews of that type of book. I'll be using Perl.
Thanks in advance.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Mon, 04 Sep 2000 17:38:46 -0700
From: Pan <admin@salvador.venice.ca.us>
Subject: Re: CGI programming book
Message-Id: <39B44096.ABEABC3C@salvador.venice.ca.us>
unicef2k@my-deja.com wrote:
>
> I recently landed a job as a web programmer.
> Can someone recommend a CGI programming book? Or is there a site where
> I can find reviews of that type of book. I'll be using Perl.
Congratulations on your job. Please expect to get some RTFM responses
to your post, as cgi is not so much on-topic to this group except as it
relates specifically to the core Perl language, and you could certainly
find what you are looking for by starting with the faq, typing in terms
such as Perl cgi tutorial in the search engine of your choice, or going
to a usenet archive like dejanews and reading past posts that have
answered the very questions you are asking.
Those caveats ( and hints for future posting habits ) aside, as someone
who is always pleased to see Perl spread to another shop, these should
point you in the right direction:
Start with perldoc -h at the commandline to see how to use the
documentation that comes with perl on your system. For specific perl
cgi info, perldoc cgi might be a good command to use.
For online perl cgi references...
If you will be using using cgi.pm, here is a good place to start:
~ http://stein.cshl.org/~lstein/talks/marjorie/
If you do not intend to use cgi.pm, a good beginner's resource is here:
~ http://agora.leeds.ac.uk/Perl/Cgi/start.html
Otherwise, www.cpan.org has ton of info.
As to what books you should buy. The purist in me says that you
probably won't need any books. The documentation and online resources
are better than any book. However, the technobook collector in me will
tell you that there are several good books available. O'reilly and
Associates has several excellent books on cgi and Perl. I believe that
I have the full set of perl books by O'Reilly, and have found something
of use in all of them as references. I have also found the Perl Core
language Little Black Book by Corolis Open press to be useful
reference.
Hope that helps...
--
Salvador Peralta
admin@salvador.venice.ca.us
http://www.la-online.com
------------------------------
Date: 04 Sep 2000 20:37:36 -0400
From: Tim Heaney <theaney@toadmail.toad.net>
Subject: Re: CGI programming book
Message-Id: <8766obznan.fsf@susie.watterson>
unicef2k@my-deja.com writes:
> I recently landed a job as a web programmer.
> Can someone recommend a CGI programming book? Or is there a site where
> I can find reviews of that type of book. I'll be using Perl.
The author of CGI.pm himself has written a book:
http://www.wiley.com/compbooks/stein/
There is also an O'Reilly book:
http://www.oreilly.com/catalog/cgi2/
Tom Christiansen's reviews include some CGI books:
http://language.perl.com/critiques/
Hope this helps,
Tim
------------------------------
Date: Tue, 05 Sep 2000 01:13:04 GMT
From: clintp@geeksalad.org (Clinton Pierce)
Subject: Re: CGI programming book
Message-Id: <AMXs5.26899$QW4.341160@news1.rdc1.mi.home.com>
[Posted and mailed]
In article <8p1711$ql8$1@nnrp1.deja.com>,
unicef2k@my-deja.com writes:
> I recently landed a job as a web programmer.
> Can someone recommend a CGI programming book? Or is there a site where
> I can find reviews of that type of book. I'll be using Perl.
The $2 question is, are you trying to learn Perl and CGI at the same
time? If so, take a look at the book down in the signature. I use it
to teach my classes on CGI programming.
If you know Perl already, I have some other recommendations.
--
Clinton A. Pierce Teach Yourself Perl in 24 Hours!
clintp@geeksalad.org for details see http://www.geeksalad.org
"If you rush a Miracle Man,
you get rotten Miracles." --Miracle Max, The Princess Bride
------------------------------
Date: Tue, 05 Sep 2000 01:13:44 GMT
From: hwestiii@zdnetmail.com
Subject: Compiling Perl for Teminal behavior
Message-Id: <8p1hc1$4sk$1@nnrp1.deja.com>
I am looking for some help in compiling Perl (on either Red Hat 6 or
Slackware 7) to get "correct" terminal handling behavior.
I've always used the executables installed by the given distribution,
and I've had to put up with crappy terminal support (arrow keys
generate visible escape codes rather than moving the cursor, etc.)
That is one thing I'll say for the Win32 ports I've used, they seem to
handle the terminal in the way you'd expect.
I'm guessing that there is/are some pre-build configuration settings
that I can adjust to get this working right.
Any help is appreciated.
Howard West
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Tue, 05 Sep 2000 00:31:06 GMT
From: kcivey@cpcug.org (Keith Calvert Ivey)
Subject: Re: cookies and SSI's
Message-Id: <39b43d01.6827512@news.newsguy.com>
jason <elephant@squirrelgroup.com> wrote:
>James Philip Ryan <jpryan@labs.tamu.edu> wrote ..
>>The CGI::Cookie manual said the path was being set as "/" by default; I didn't
>>consider that to be the problem. Thanks for your help... you rock
>
>hmm .. dunno which version that is .. but mine says that it's set to the
>full name of the script that sets the cookie by default
>
>if the PATH was '/' then EVERY script would have access to it
Which is the way cookies are often set. Version 1.06 of
CGI::Cookie says
B<-path> points to a partial URL on the current server.
The cookie will be returned to all URLs beginning with the
specified path. If not specified, it defaults to '/',
which returns the cookie to all pages at your site.
It's the same in version 1.16. It seems strange that the
default would have been changed.
--
Keith C. Ivey <kcivey@cpcug.org>
Washington, DC
------------------------------
Date: 04 Sep 2000 21:10:02 -0400
From: rocky@panix.com (R. Bernstein)
Subject: Re: How to make eval() secure with backtick?
Message-Id: <wihk8crmyol.fsf@panix3.panix.com>
While the Perl Cookbook code may be correct the code you added isn't.
Splitting a command at whitespace is not the same thing a preserving
the tokens in the commadn.
I don't think you fully understood what I meant when I wrote:
I want to backtick the command or use system() rather than use exec(),
since it may be hard to parse; $cmd can be arbitrary.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Suppose the command read in from a admin-specified file is this:
count-embedded-blanks 'Now is' 'the time'.
(Recall the first line of my post:
Let's say that I read in from a secure source a
command, $cmd, which may refer to a variable name, $var.)
The code you specify:
my @command_words = split /\s+/, $cmd; ## MJD
won't preserve embedded blanks. Put this in foo:
#!/bin/perl
printf "%d arguments were passed\n", $#ARGV+1;
$cmd=join(' ', @ARGV);
my @command_words = split /\s+/, $cmd; ## MJD
printf "command_words has %d arguments\n", $#command_words+1;
And run:
foo 'Now is' 'the time'
I get:
2 arguments were passed
command_words has 4 arguments
The post by nobull@mail.com seems more in line with what I need. It
sure is a lot less arcane.
------------------------------
Date: 04 Sep 2000 21:22:49 -0400
From: rocky@panix.com (R. Bernstein)
To: nobull@mail.com
Subject: Re: How to make eval() secure with backtick?
Message-Id: <wihd7ijmy3a.fsf@panix3.panix.com>
nobull@mail.com writes:
> All this
> stuff about $cmd and the extra level of eval() indirection is
> irrelevant to your real question since $cmd is from a trusted source.
It's not irrelevant, although I wasn't clear. The source may be
trusted, but that doesn't mean it knows how the program works or knows
or cares to know how to use Perl all that well.
> The answer is probably to do:
>
> print `echo \Q$var`;
Thanks. However the responsibility for quoting should be with the
program rather than the person writing the command. If it weren't for
the parsing problem, I suppose I could replace '$var' with '\Q$var'
In the interest of full disclosure, and since there's been confusion
over what the application is (or the problem I've tried to convey) see
http://www.netwinder.org/~rocky/ps-watcher for the program that has
these odd requirements.
------------------------------
Date: Tue, 05 Sep 2000 01:42:26 GMT
From: mjd@plover.com (Mark-Jason Dominus)
Subject: Re: How to make eval() secure with backtick?
Message-Id: <39b44f81.27cd$31f@news.op.net>
In article <wihk8crmyol.fsf@panix3.panix.com>,
R. Bernstein <rocky@panix.com> wrote:
>I don't think you fully understood what I meant when I wrote:
>
> I want to backtick the command or use system() rather than use exec(),
> since it may be hard to parse; $cmd can be arbitrary.
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
That's true, I didn't understand that. Your example obscured this
point. Thanks for the clarificaton.
>The post by nobull@mail.com seems more in line with what I need. It
>sure is a lot less arcane.
Yes, but it's a lot less secure, and you specifically asked for
security.
The \Q solution supposedly works by 'escaping' all the shell
metacharacters. It does this by putting a \ in front of every special
character. But in the shell, putting \ in front of a character does
*not* escape it. Sometimes it does, and sometimes it doesn't, and the
result depends on context.
The reason why people try to avoid the shell (and the reason for those
cookbook recipes) is that the shell is very complicated and hardly
anyone understands all the strange things it can do. This problem is
a good example of that. You would think that putting \ before a
metacharacter should escape it, but it doesn't.
------------------------------
Date: Tue, 05 Sep 2000 03:12:48 GMT
From: mjd@plover.com (Mark-Jason Dominus)
Subject: Re: How to make eval() secure with backtick?
Message-Id: <39b464af.2af9$17c@news.op.net>
In article <wihaedorgib.fsf@panix3.panix.com>,
R. Bernstein <rocky@panix.com> wrote:
>Let's say I have a program where I read in from a secure source a
>command, $cmd, which may refer to a variable name, $var. (Below the
>command is 'echo $var'.) And let's say from an insecure source I can
>set $var.
I gather that the real problem is that user X, who might be root, is
going to have a file full of commands that are executed when the 'ps'
information is in a certain state, and that the $cmd comes from that
file. But you want a way to pass information from the process table
into the $cmd, and this process table information is $var. You can't
trust that user Y won't run some weirdly-named job that causes havoc
when it is inserted into user X's trigger command. Is that right?
I wonder if it would make sense to pass the value of $var into the
$cmd on its standard input, instead of as a command-line argument?
Then instead of
echo $var
user X would have written
cat
and there would be no problem with malicious $vars causing havoc in
the shell.
This all depends on the likely uses for $cmd, which I can't foresee.
In this case the security problem evaporates, because you're running
user X's command verbatim, and you trust user X. The only
complication is that you need bidirecitonal communications: You need
to send the value of $var into user X's command, and you need to
retrieve the results. The code looks like this:
pipe FROMPARENT, TOCHILD or die ...;
pipe FROMCHILD, TOPARENT or die ...;
$pid = fork();
die ... unless defined $pid;
if ($pid) { # parent
close TOPARENT; close FROMPARENT;
print TOCHILD $var;
close TOCHILD;
local $/; # read the child's entire output
$result = <FROMCHILD>;
close FROMCHILD;
} else { #child
close TOCHILD; close FROMCHILD;
open STDIN, "<&FROMPARENT" or die ...;
open STDOUT, ">&TOPARENT" or die ...;
exec 'sh', '-c', $cmd;
die ...;
}
# results are in now in $result
------------------------------
Date: Tue, 05 Sep 2000 03:25:09 GMT
From: mjd@plover.com (Mark-Jason Dominus)
Subject: Re: How to make eval() secure with backtick?
Message-Id: <39b46794.2b69$3a4@news.op.net>
In article <39b464af.2af9$17c@news.op.net>,
Mark-Jason Dominus <mjd@plover.com> wrote:
>Then instead of
>
> echo $var
>
>user X would have written
>
> cat
Taking the examples from your documentation:
action = echo "Looks like you have a big $command program: $vsz KB"
becomes:
action = sed -e "s/.*/Looks like you have a big & program: $vsz KB/"
and
action = <<EOT
echo "$command used $pcpu% CPU" | /bin/mail root
kill -TERM $pid
EOT
becomes:
action = <<EOT
sed -e "s/\$/ used $pcpu% CPU/" | /bin/mail root
kill -TERM $pid
EOT
The other example can stay the way it is.
This suggests that you could bundle ps-watcher with a utility program
whose only purpose is to safely print messages involving a possibly
strange command name. Then the examples above look like this:
action = message "Looks like you have a big XXX program: $vsz KB"
and this:
action = <<EOT
message "XXX used $pcpu% CPU" | /bin/mail root
kill -TERM $pid
EOT
The implementation of 'message' is trivial:
#!/usr/bin/perl
my $message = shift or die ...;
my $command = join '', <STDIN>;
$message =~ s/XXX/$command/g;
print $message;
Note however, that even if you make the command execution perfectly
safe, this program is always going to harbor risks. Here's one of
your examples:
action = <<EOT
message "XXX used $pcpu% CPU" | /bin/mail root
kill -TERM $pid
EOT
If someone manages to get the string "~! rm -rf /" into the ps data,
this string will be printed into the /bin/mail program, and then
/bin/mail will execute "rm -rf /" with the permissions of the
ps-watcher user, possibly root. You might want to mention this in the
documentation. You might also want to fix up ps-watcher so that it
refuses to run as root.
------------------------------
Date: Tue, 05 Sep 2000 01:32:41 GMT
From: Glenn West <westxga@my-deja.com>
Subject: Re: Inserting todays date
Message-Id: <8p1ifp$5s2$1@nnrp1.deja.com>
In article <8ovr3d$dnr$1@nnrp1.deja.com>,
appsman1368@my-deja.com wrote:
> I use Perls FORMAT facility to produce formatted hard-copy reports
from
> a database output file - with excellent results.
>
> However, I now need to be able to print these reports to include
> 'todays' date. I have tried using `date` but to no avail. Has anyone
> got any ideas please??
perldoc -f time
perldoc -f localtime
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Tue, 05 Sep 2000 00:59:21 GMT
From: pohanl@my-deja.com
Subject: locking databases in perl
Message-Id: <8p1gh4$409$1@nnrp1.deja.com>
I've come across a problem and I hope people in the perl community
can help me out.
1) I use perl and DB_File together by tie'ing my hashes to the database.
2) Whenever more than one person is using the perl script to write to
the database (by simple hash assigments), they will corrupt the
database. (DB_File does not support multiple writers at the same
time).
Given that I cannot use BerkeleyDB (an upgraded version of DB_File
that supports locking within the database), and must stick with DB_File.
And given that I cannot install new perl modules.
How do I lock the database so that they don't corrupt each other?
I read the perldoc on DB_File, and the solution they previously
said to use was not useable. Then it says there is a solution by
downloading a locking module, which is not a solution in my case.
So my question is...
How do I implement locking and unlocking so that multiple writers
do not corrupt the database?
a routine for locking and a routine that unlocks will be appreciated.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Tue, 05 Sep 2000 03:25:26 GMT
From: Todd Wilson <toddcw@my-deja.com>
Subject: Match any character w/ regular expressions
Message-Id: <8p1p2s$ckg$1@nnrp1.deja.com>
Sorry for the newbie question, but I'm still getting my feet wet with
regular expressions.
I'm trying to match ANY character between two strings. Something like
using the . character, but must also include the \n character.
Specifically, I'm working with an HTML file and I would like to delete
all text between <html> and, say, a specific <table> tag. There will
obviously be many characters in between the two tags, both white space
and non-white space. The regular expression I would like to use would
be something as simple as this:
s/<html>.*<table>//g
The problem is that .* won't match the newline characters.
Any help would be much appreciated.
Regards,
Todd Wilson
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Mon, 04 Sep 2000 22:57:12 GMT
From: peter pilsl <pilsl@goldfisch.atat.at>
Subject: name of downloaded file ...
Message-Id: <MPG.141e474556f7951a989864@news.chello.at>
I´ve a script that put out some File for viewing/downloading via
webbrowsers. (in example it puts out an file of type image/gif)
This script is called via a <href>-link and when someone tries to download
this file with his browser the default-name for the downloaded file is
scriptname.ext where ext corresponds to the content-type.
But I want to give this file a different name than the scriptname is. I am
looking for a way how to set this default-filename for downloading.
thanx,
peter
--
pilsl@
goldfisch.at
------------------------------
Date: 5 Sep 2000 01:27:32 GMT
From: Tina Mueller <tina@streetmail.com>
Subject: Re: name of downloaded file ...
Message-Id: <8p1i64$c5rk4$2@ID-24002.news.cis.dfn.de>
hi,
In comp.lang.perl.misc peter pilsl <pilsl@goldfisch.atat.at> wrote:
> I=B4ve a script that put out some File for viewing/downloading via=20
> webbrowsers. (in example it puts out an file of type image/gif)
> This script is called via a <href>-link and when someone tries to downlo=
ad=20
> this file with his browser the default-name for the downloaded file is=20
> scriptname.ext where ext corresponds to the content-type.
really? that's cool. so the filename is set to
scriptname.jpeg if you set jpeg as content type?
if i try it the filename is always set to the
full scriptname scriptname.cgi (or .pl).
> But I want to give this file a different name than the scriptname is. I =
am=20
> looking for a way how to set this default-filename for downloading.
one possibility is to use $cgi->path_info.
call the script with
scriptname/param1/param2/filename.whatever
and the filename will be filename.whatever
HTH,
tina
--=20
http://tinita.de \ enter__| |__the___ _ _ ___
tina's moviedatabase \ / _` / _ \/ _ \ '_(_-< of
search & add comments \ \__,_\___/\___/_| /__/ perception
please don't email unless offtopic or followup is set. thanx
------------------------------
Date: Mon, 04 Sep 2000 23:03:33 GMT
From: peter pilsl <pilsl@goldfisch.atat.at>
Subject: Re: Optimization of Perl code
Message-Id: <MPG.141e48c3bffcb392989865@news.chello.at>
In article <39B3893D.F6E7A6AD@delta.de>, heydenreich@delta.de says...
> Hi,
> I'm looking for literature / advises for optimizing my Perl scripts. The
> reason: I've written a little program which handles a large array (about
> 10 MB of data) and has to process each row of this array. The memory
> consumption is very high - more than 40 MB (I checked this from "top"
> output - high means for a computer that has only 64 MB RAM). Which
> common advises have you about this fact? (In addition, I have some
> hashes and other arrays, but not so large.)
>
There might be mathematical tricks also to 'compress' the data while in
memory.
peter
--
pilsl@
goldfisch.at
------------------------------
Date: Tue, 05 Sep 2000 02:28:58 GMT
From: alan <alanhll@alphalink.com.au>
Subject: Perl/CGI file transfer
Message-Id: <sr8mjab0a6e40@corp.supernews.com>
Hi,
My question is, I know how to send a file up from the web page, using HTTP
File Upload
e.g. <form enctype="multipart/form-data" [etc]>
<input name="file1" type="file">
But, how would I access the contents of this (say text file) at the other
end. Is a different read-parse code required? Could someone give me a
simple example to point me in the right direction. Would like to know, a
lot.
Thankya Kindly
Alan.
--
Posted via CNET Help.com
http://www.help.com/
------------------------------
Date: Tue, 05 Sep 2000 04:01:32 GMT
From: "Philip Garrett" <philipg@atl.mediaone.net>
Subject: Re: Perl/CGI file transfer
Message-Id: <we_s5.9196$Oc.3110993@typhoon.southeast.rr.com>
alan <alanhll@alphalink.com.au> wrote in message
news:sr8mjab0a6e40@corp.supernews.com...
> Hi,
> My question is, I know how to send a file up from the web page, using HTTP
> File Upload
> e.g. <form enctype="multipart/form-data" [etc]>
> <input name="file1" type="file">
>
> But, how would I access the contents of this (say text file) at the other
> end. Is a different read-parse code required? Could someone give me a
> simple example to point me in the right direction. Would like to know, a
> lot.
perldoc CGI
Look for "Creating a File Upload Field." It also explains how to receive
file uploads. Something like this:
use CGI;
my $q = new CGI;
my $filename = $q->param('file1');
my $filehandle = $q->upload('file1');
while (<$filehandle>) {
... do file stuff here ...
}
> Thankya Kindly
You're welcome.
hth,
Philip
------------------------------
Date: Tue, 05 Sep 2000 03:09:01 GMT
From: Jordan Hiller <jhiller@online-testing.net>
Subject: Re: Security question
Message-Id: <39B4640A.67411E6B@online-testing.net>
Maggert wrote:
>
> doesn't allow a filename to be input. Wouldn't a better regexp be
> if ($filename =~ /[^a-zA-Z0-9]\.[^a-zA-Z0-9]/) {
> die "bad character in filename";
> }
> Or would this also cause a problem? Since / is denied it
> should work right. I tried it and it allowed a filename but didn't
> allow backing up the directory structure.
I see your point; you need to allow . sometimes but not always. What
about allowing only [a-zA-Z0-9./] but also specifically denying ./?
Thanks guys!
Jordan Hiller
http://www.online-testing.net
------------------------------
Date: Mon, 04 Sep 2000 22:29:03 GMT
From: Bart Lateur <bart.lateur@skynet.be>
Subject: Re: Seperating text and integers from a variable
Message-Id: <h988rs43ckrghkv06r4u96003c1bbc5ohg@4ax.com>
Jonaskuh wrote:
>The question is I have a variable that
>contains a "ID" which is something like "hujkr45" and what I'd like
>to do is seperate the number from the text and put the number into
>it's own variable.
$string = 'hujkr45';
($text, $number) = $string =~ /^([a-zA-Z]+)(\d+)$/;
Note that $text and $number will only be defined (and assigned the
proper value) if the match succeeds. You can test for the "truth" of
that last assignment
unless(($text, $number) = $string =~ /^([a-zA-Z]+)(\d+)$/) {
die "Oops! unexpected format in \"$string\"";
}
--
Bart.
------------------------------
Date: 4 Sep 2000 22:22:38 GMT
From: vipul@shell2.ba.best.com (Vipul Ved Prakash)
Subject: Tie::EncryptedHash 1.0
Message-Id: <sr8ea1tha6e181@corp.supernews.com>
Tie::EncryptedHash 1.0 has been uploaded to CPAN.
NAME
Tie::EncryptedHash - Hashes (and objects based on hashes) with
encrypting fields.
SYNOPSIS
use Tie::EncryptedHash;
my %s = ();
tie %s, Tie::EncryptedHash, 'passwd';
$s{foo} = "plaintext"; # Normal field, stored in plaintext.
print $s{foo}; # (plaintext)
$s{_bar} = "signature"; # Fieldnames that begin in single
# underscore are encrypted.
print $s{_bar}; # (signature) Though, while the password
# is set, they behave like normal fields.
delete $s{__password}; # Delete password to disable access
# to encrypting fields.
print $s{_bar}; # (Blowfish NuRVFIr8UCAJu5AWY0w...)
$s{__password} = 'passwd'; # Restore password to gain access.
print $s{_bar}; # (signature)
$s{_baz}{a}{b} = 42; # Refs are fine, we encrypt them too.
DESCRIPTION
Tie::EncryptedHash augments Perl hash semantics to build secure,
encrypting containers of data. Tie::EncryptedHash introduces special
hash fields that are coupled with encrypt/decrypt routines to encrypt
assignments at STORE() and decrypt retrievals at FETCH(). By design,
encrypting fields are associated with keys that begin in single
underscore. The remaining keyspace is used for accessing normal hash
fields, which are retained without modification.
While the password is set, a Tie::EncryptedHash behaves exactly like a
standard Perl hash. This is its transparent mode of access. Encrypting
and normal fields are identical in this mode. When password is deleted,
encrypting fields are accessible only as ciphertext. This is
Tie::EncryptedHash's opaque mode of access, optimized for serialization.
Encryption is done with Crypt::CBC(3) which encrypts in the cipher block
chaining mode with Blowfish, DES or IDEA. Tie::EncryptedHash uses
Blowfish by default, but can be instructed to employ any cipher
supported by Crypt::CBC(3).
AUTHOR
Vipul Ved Prakash <mail@vipul.net>
LICENSE
Artistic.
------------------------------
Date: Mon, 04 Sep 2000 22:23:32 GMT
From: Bart Lateur <bart.lateur@skynet.be>
Subject: Re: Unexpected Module name in first parameter to subroutine
Message-Id: <f588rskd1g163ge9ca7spp49r9em1fipql@4ax.com>
Clyde Ingram wrote:
>However, when I call Win32::NetResource::GetSharedResources, I find there
>are 3 parameters, not 2. Further, the zeroth parameter is the new one:
>
> $_[0] stores the module name 'Win32::NetResource'
>while:
> $_[1] stores the reference to @resources
> $_[2] stores the value $type
Are you sure you're not calling it like:
Win32::NetResource->GetSharedResources(\@resources, $type);
because in that case, you're using it as a class method, and it is
*supposed* to behave this way.
HTH,
Bart.
------------------------------
Date: 5 Sep 2000 03:28:47 GMT
From: "Josiah Bryan" <jdb@wcoil.com>
Subject: Using AI::NeuralNet::Mesh to 'learn' CPU load
Message-Id: <8p1p9f$dli$0@206.230.71.19>
Greets all,
I just came up with a very simple script that uses AI::NeuralNet::Mesh to
'learn' CPU load indices (as measured by System::Index) and with a few
simple modifications, can predict the CPU load into the future.
Downloadable from:
http://www.josiah.countystart.com/modules/get.pl?cpupl:clp.misc
This script measures the CPU load index in two second increments. It applies
to the inputs of a mesh network the past ten CPU indices, as well as the
current month, day, hour, and minute, to get the prediction of the next CPU
index in the series. This script teaches itself as it runs. When its
predictions reach a configurable percentage of differeance, it automatically
re-trains the internal mesh network with the correct CPU index.
This script is meant as a simple demonstration of an idea, not as an actual
production model.
** Please give feedback/flames/comments/etc. ***
Thankyou all!
BTW, If anyone knows of a better module/better method of measuring system
preformance/load levels, such as CPU load, etc, *please* let me know
<mailto:jdb@wcoil.com> or post it to this group, as it is essential to
another project i am working on. Thanks!
--
Josiah Bryan
jdb@wcoil.com
Tel: 937.316.6256
------------------------------
Date: Tue, 05 Sep 2000 02:49:06 GMT
From: tjla@guvfybir.qlaqaf.bet (Gwyn Judd)
Subject: Re: using the value of a variable for another varible's name?
Message-Id: <slrn8r8nov.264.tjla@thislove.dyndns.org>
I was shocked! How could Mark-Jason Dominus <mjd@plover.com>
say such a terrible thing:
>In article <0s67rssjp2es210001b6nl47b6s9ah8pog@4ax.com>,
>Bart Lateur <bart.lateur@skynet.be> wrote:
>>If at all possible, use a hash, for example
>>
>> $day{monday}
>>
>>instead of
>>
>> $monday
>>
>>It's virtually as fast.
>
>It's exactly as fast.
It's half as fast:
[gwyn@thislove:~]$ cat sym.pl
#!/usr/bin/perl -w
use strict;
use Benchmark;
my $day = 'monday';
my $temp;
my %days;
timethese (1 << 18, {
'sym' => '${$day} = \'11 am\'; $temp = $monday;',
'hash' => '$days{monday} = \'11 am\'; $temp = $days{monday};',
});
[gwyn@thislove:~]$ perl sym.pl
Benchmark: timing 262144 iterations of hash, sym...
hash: 0 wallclock secs ( 1.12 usr + 0.01 sys = 1.13 CPU) @
231985.84/s (n=262144)
sym: 0 wallclock secs ( 0.59 usr + 0.00 sys = 0.59 CPU) @
444311.86/s (n=262144)
>> It's just as flexible.
>
>It's more flexible, because you get to use
true
>> It's a lot safer.
>
>Yep.
true
--
Gwyn Judd (print `echo 'tjla@guvfybir.qlaqaf.bet' | rot13`)
Slight not what's near through aiming at what's far.
-- Euripides
------------------------------
Date: Tue, 05 Sep 2000 03:30:29 GMT
From: mjd@plover.com (Mark-Jason Dominus)
Subject: Re: using the value of a variable for another varible's name?
Message-Id: <39b468d4.2b89$178@news.op.net>
In article <slrn8r8nov.264.tjla@thislove.dyndns.org>,
Gwyn Judd <tjla@guvfybir.qlaqaf.bet> wrote:
>>It's exactly as fast.
>
>It's half as fast:
You are combining unlike things. Obviously a regular variable access
is faster than a hash lookup. But the store through the symbolic
reference is exactly as fast as the store into the hash. You have
added together the times for these two operations.
------------------------------
Date: Mon, 4 Sep 2000 19:57:12 -0400
From: "ortius" <asleep@thewheel.com>
Subject: version problem?
Message-Id: <39b435e0_1@nntp2.nac.net>
Hello:
We're writing some perl scripts.... have a crazy dilemma. Not sure why. If
we run the scripts on a free bsd or linux box using perl 5.003, all is well.
It makes no difference whether the first line is #!/usr/bin/perl5.003 or
simply #!/usr/bin/perl . They run fine with chmod 755 on these boxes.
We need to put these same scripts on a va linux box that's set up for
perl5.005_03. But , they WON't run at all, unless we chmod 777, which is not
preferred.Is there something vastly different between these versions? Some
other problem somebody can infer from the description I'm giving?
Going bald & losing sleep... yeesh!
mike
omniNOSPAM@nac.net
--
The early bird may get the worm, but the second mouse gets the cheese .
------------------------------
Date: 16 Sep 99 21:33:47 GMT (Last modified)
From: Perl-Users-Request@ruby.oce.orst.edu (Perl-Users-Digest Admin)
Subject: Digest Administrivia (Last modified: 16 Sep 99)
Message-Id: <null>
Administrivia:
The Perl-Users Digest is a retransmission of the USENET newsgroup
comp.lang.perl.misc. For subscription or unsubscription requests, send
the single line:
subscribe perl-users
or:
unsubscribe perl-users
to almanac@ruby.oce.orst.edu.
| NOTE: The mail to news gateway, and thus the ability to submit articles
| through this service to the newsgroup, has been removed. I do not have
| time to individually vet each article to make sure that someone isn't
| abusing the service, and I no longer have any desire to waste my time
| dealing with the campus admins when some fool complains to them about an
| article that has come through the gateway instead of complaining
| to the source.
To submit articles to comp.lang.perl.announce, send your article to
clpa@perl.com.
To request back copies (available for a week or so), send your request
to almanac@ruby.oce.orst.edu with the command "send perl-users x.y",
where x is the volume number and y is the issue number.
For other requests pertaining to the digest, send mail to
perl-users-request@ruby.oce.orst.edu. Do not waste your time or mine
sending perl questions to the -request address, I don't have time to
answer them even if I did know the answer.
------------------------------
End of Perl-Users Digest V9 Issue 4224
**************************************
