[15758] in Perl-Users-Digest
Perl-Users Digest, Issue: 3171 Volume: 9
daemon@ATHENA.MIT.EDU (Perl-Users Digest)
Fri May 26 03:10:41 2000
Date: Fri, 26 May 2000 00:10:20 -0700 (PDT)
From: Perl-Users Digest <Perl-Users-Request@ruby.OCE.ORST.EDU>
To: Perl-Users@ruby.OCE.ORST.EDU (Perl-Users Digest)
Message-Id: <959325020-v9-i3171@ruby.oce.orst.edu>
Content-Type: text
Perl-Users Digest Fri, 26 May 2000 Volume: 9 Number: 3171
Today's topics:
using param() and CGI.pm to store a persistent value <csorensen@uptimeresources.net>
Re: using param() and CGI.pm to store a persistent valu (Randal L. Schwartz)
Re: using param() and CGI.pm to store a persistent valu <csorensen@uptimeresources.net>
Re: using param() and CGI.pm to store a persistent valu <phil@BuxTech.Com>
Re: using param() and CGI.pm to store a persistent valu <godzilla@stomp.stomp.tokyo>
Re: What web url to send scripts to the world??? <y-o-y@home.com>
Why not 5.005_03? <dwhaskin@earthlink.net>
Digest Administrivia (Last modified: 16 Sep 99) (Perl-Users-Digest Admin)
----------------------------------------------------------------------
Date: 25 May 2000 21:12:06 EDT
From: Chris <csorensen@uptimeresources.net>
Subject: using param() and CGI.pm to store a persistent value
Message-Id: <392DCF55.F6BBA3E7@uptimeresources.net>
I'm really struggling with this one. I need to store a value that is
passed in the url from a referring site. I grabbed a copy of Lincoln's
book and put the following together. Unfortuantely it's not working and
I can't find my error. the shebang is correct, I think the cookie()
syntax is correct (I copied it from the book) .. any ideas .. anyone ??
I'm hoping that this is an error in my perl code and that someone here
will point it out to me ..
thank you
Chris
#!/usr/bin/perl
use CGI qw(:standard);
#set cookie to capture siteID variable passed in URL from referring site
cookie ( -name=>'siteID',
-value=>'param(siteID)');
# retrieve value
@cookie_value = cookie(-name=>'siteID');
# print siteID to file - this is just for testing purposes - will be
removed when script works
open (TESTER, ">testiner.txt") || die "cannot open";
print TESTER @cookie_value, "\n";
# jump to correct starting page
start_html('refresher'),
<meta http-equiv="refresh" content="1;URL=http://insuremybiz.com">,
end_html;
------------------------------
Date: 25 May 2000 18:19:21 -0700
From: merlyn@stonehenge.com (Randal L. Schwartz)
Subject: Re: using param() and CGI.pm to store a persistent value
Message-Id: <m1ya4yglba.fsf@halfdome.holdit.com>
>>>>> "Chris" == Chris <csorensen@uptimeresources.net> writes:
Chris> -value=>'param(siteID)');
That's probably not gonna do anything but put the literal text
"param(siteid)" in your value. You want param("siteID") instead.
See my columns at http://www.stonehenge.com/merlyn/WebTechniques/
for many many more examples of using CGI.pm.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
------------------------------
Date: 25 May 2000 22:30:39 EDT
From: Chris <csorensen@uptimeresources.net>
Subject: Re: using param() and CGI.pm to store a persistent value
Message-Id: <392DE1BE.BF396F98@uptimeresources.net>
Thanks Randal - I made that change and retried .. still no luck ..
I am stumped! I've checked the syntax everyway from sunday and can't find any
problems..
the -w complains a bit about using $q and $cookie_value only once (each) but
other than that -w is happy ..
tried a slightly different approach this time .. use param() to pull the value of
siteID out of the referring url and save to a variable ($abba) .. then set a
cookie with the value set as the variable (rather than setting the value as the
param() function).
the printing functions are commented out .. just in case they're causing a
problem
and STILL no love in perlville - darn thing says ""CGIWrap Error: Script
Execution Failed""
CGIWrap encountered an error while attempting to execute this script:
Error Message: Text file busy
Error Number: 26
If anyone has an idea I would really appreciate it ..
((((latest attempt))))
#!/usr/bin/perl
use CGI ":all";
$abba = param("siteID");
cookie( -name=>'siteID',
-value=>$abba);
$cookie_value = cookie(-name=>'siteID');
#open (TESTER, ">testiner.txt") || die "cannot open";
#print TESTER $cookie_value, "\n";
print $q->redirect('http://www.insuremybiz.com');
"Randal L. Schwartz" wrote:
> >>>>> "Chris" == Chris <csorensen@uptimeresources.net> writes:
>
> Chris> -value=>'param(siteID)');
>
> That's probably not gonna do anything but put the literal text
> "param(siteid)" in your value. You want param("siteID") instead.
>
> See my columns at http://www.stonehenge.com/merlyn/WebTechniques/
> for many many more examples of using CGI.pm.
>
> --
> Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
> <merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
> See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
------------------------------
Date: 25 May 2000 23:20:30 -0400
From: Phil Eschallier <phil@BuxTech.Com>
Subject: Re: using param() and CGI.pm to store a persistent value
Message-Id: <86ya4yyp35.fsf@BuxTech.Com>
Chris;
I believe you'll find that cookie() creates the cookie but it is
issued via the perl5 pseudo-code:
my $cookie = cookie(...);
print header(-cookie=>$cookie); # or print $q->header ...
It looks like your code creates a cookie but never issues (prints)
it.
--
Phil Eschallier | Bux Technical Services | Systems, software,
inet phil@BuxTech.Com | 131 Wells Road | security and Inter-
tel 215 348 9721 | Doylestown, PA 18901 | networking for your
fax 215 230 8265 | http://www.BuxTech.Com | business!
KeyID D6E9B193
>>>>> "Chris" == Chris <csorensen@uptimeresources.net> writes:
> Thanks Randal - I made that change and retried .. still no luck
> .. I am stumped! I've checked the syntax everyway from sunday
> and can't find any problems..
> the -w complains a bit about using $q and $cookie_value only
> once (each) but other than that -w is happy ..
> tried a slightly different approach this time .. use param() to
> pull the value of siteID out of the referring url and save to a
> variable ($abba) .. then set a cookie with the value set as the
> variable (rather than setting the value as the param()
> function).
> the printing functions are commented out .. just in case they're
> causing a problem
> and STILL no love in perlville - darn thing says ""CGIWrap
> Error: Script Execution Failed""
> CGIWrap encountered an error while attempting to execute this
> script: Error Message: Text file busy Error Number: 26
> If anyone has an idea I would really appreciate it ..
> ((((latest attempt))))
> #!/usr/bin/perl
> use CGI ":all";
> $abba = param("siteID");
> cookie( -name=>'siteID', -value=>$abba);
> $cookie_value = cookie(-name=>'siteID');
> #open (TESTER, ">testiner.txt") || die "cannot open";
> #print TESTER $cookie_value, "\n";
> print $q->redirect('http://www.insuremybiz.com');
> "Randal L. Schwartz" wrote:
>> >>>>> "Chris" == Chris <csorensen@uptimeresources.net> writes:
>>
Chris> -value=>'param(siteID)');
>> That's probably not gonna do anything but put the literal text
>> "param(siteid)" in your value. You want param("siteID")
>> instead.
>>
>> See my columns at
>> http://www.stonehenge.com/merlyn/WebTechniques/ for many many
>> more examples of using CGI.pm.
>>
>> -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. -
>> +1 503 777 0095 <merlyn@stonehenge.com>
>> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security
>> consulting, Technical writing, Comedy, etc. etc. See
>> PerlTraining.Stonehenge.com for onsite and open-enrollment Perl
>> training!
------------------------------
Date: Thu, 25 May 2000 22:20:14 -0700
From: "Godzilla!" <godzilla@stomp.stomp.tokyo>
Subject: Re: using param() and CGI.pm to store a persistent value
Message-Id: <392E098E.63E40BE3@stomp.stomp.tokyo>
Chris wrote:
> I'm really struggling with this one. I need to store a
> value that is passed in the url from a referring site.
> I grabbed a copy of Lincoln's book and put the following
> together. Unfortuantely it's not working and I can't find
> my error. the shebang is correct, I think the cookie()
> syntax is correct (I copied it from the book)
> .. any ideas .. anyone ??
Chris, do you know a gal named Madame Ruth?
You know, that gypsy with a gold capped tooth?
I've looked over what you are doing. Based on
your goal, your script can be very simple, very
basic and there is no rational reason to bloat
your script with all kinds of modules, only to
discover you have to fight tooth and nail to
make those modules do what you want, which is
to set a simple cookie and redirect. It is
in dealing with modules you are having basic
problems; get rid of them.
KISS: Keep It Simple Silly.
I have an example script down below which
will show lots of neat stuff which can be
accomplished without any need for modules,
including your goal.
First though, on cgi-wrap, after years of
working with this wrapper program, my only
comment would be it is a data mangler.
Your error message.. well, if you try things
in a more simple and direct way, cgi-wrap won't
crap its pants cuz you wanna do modules. "Hint".
Learning to work around cgi-wrap is trial and
error. This results because its configuration
by a sysop, is tentative. Documentation for
cgi-wrap is poorly written and misleading.
You are basically stuck with it. After a lot
of experimentation, you will figure out how
to fool cgi-wrap into doing what you want.
Watch out for cgi-wrap confusing a numerical
value of 0 (zero) for undefined and, never
try to write your own http headers and push
them through cgi-wrap, nph style, that is,
non-parsed header style. Research this if
you want to know more. There is an informative
cgi-wrap site on our internet.
My opinion is Cookies are bitter and hard to
chew being a product coming out of Captain
Java's Forces of Evil Kitchen. Heh! I don't
do cookies nor java. You can figure this
cookie thing by research and learning on
cookie methodology. Please do this. Your
time spent will return you great rewards.
Run an internet search on "cookies". There
are lots and lots of great sites which
will teach you all you need to know, and
you will find thousands of great receipes!
This example script displays a lot of methods
in a bit of a fun way and, to an excess. My
intent is to show you how to create a Query
String, how to grab it and extract data for
use in many different ways.
Look at the contents of my test.html down
below. You will see a proper format for
a link with a query string. Chances are
good it will be word wrapped by your
dumb news reader, so keep this in mind.
My test script, oh my, some will scream
on this one. So what? Your objective is
to accomplish your goal, not to please
everyone's anal retentive demands.
In my test script I have set a lot of
global variables and have used an old
fashion read & parse. You will notice
I use no modules, no strict, no -w
and all that. No need. They are of
no benefit and an annoyance for doing
something this simple. Forget those.
My overkill on globals is to show you
how, guess, to use globals! Why I have
done this is to exemplify how important
globals can be if you have a need to
manipulate input in many sub-routines.
Each of my prints, pretend they are
sub-routines which pull in global
variables for use. There are times
use of "my" variables fails badly.
Why, is beyond my scope and intent
for this article. Forget my.
This read & parse, only has one true
security issue within the context of
its usage; query string funnies. This
is the only input method for this script
and there are some security issues, but
they are very easy to deal with. I will
provide a link for basic security issues.
This Steve Brenner style read & parse,
the foundation of cgi.pm, is straight
forth and easy to customize. It grabs
your query string, processes it various
ways such as " + " becomes a space,
equal sign " = " becomes glue for your
key and value pairs, along with taking
care of %xx type format input.
These are the variables I grab from
my query string:
$id = $in{ID};
$name = $in{Name};
$product = $in{Product};
$in{Key Name} is the format for
this style of read & parse.
I made them globals and gave them variable
names which are logical and easy to remember
later in your program. Plain English stuff
with names hinting at contents.
You will also see a handful of environmental
variables $ENV{whatever} have been set as
globals and renamed. Like my query string
variables, these new names make sense and,
importantly, protect the original values
allowing you to manipulate these data
safely and with no concern about the
original value being accidently changed.
In the cookie section, I've displayed
how you can manipulate some data for
use and, have displayed some basic
concepts behind what you might wish
to incorporate into a cookie, concepts
showing how you can create unique and
useful information.
My Time_Stamp routine, I love. This is
so much easier with which to work than
incomprehensible Perl 5 style. You can
read varibles with names which make good
old fashion sense. No problems with head
scratching confusion from Perl 5 Egyptian
heiroglyphics. Its Plain English!
Funny, this very time stamp routine is one
I posted five months back. Experts here
ranted and raved for days about this being
cargo cult code. Guess what? Perl 4 is not
cargo cult. Perl 5 is cargo cult code today.
Appears experts do not understand what
qualifies cargo cult. I do. Sure took enough
Anthropology to recognize cargo cult when
it is parachuted down to a South Pacific Island.
Anyhow Chris, you have an example html page,
an example script and a print of expected
results, except some data will change on
your server. Give what I have presented
some thought. There are easier ways to
do what you want, literally do what you
want, rather than what a module author
tells you to do. Do it your way. This
is fun and brings pride. You will be
actually writing a program, not using
copy and paste.
Remember, you need to address your
query string security. This is very
important. Don't slack off on this.
http://www.eekim.com/pubs/cgibook/ch09/0902.html
I'll leave it to you to learn how to
setup cookies. Do yourself a favor
and research cookie baking well,
really well. There are some true
security issues involved.
Chris, play around with some of these
ideas. You can mix Perl 4 and Perl 5
with little, if any problems. Don't
allow anyone to tell you,
"You MUST use Perl 5."
This is technological bigotry and
very bad advice. Use all tools made
available to you, both Perl 4 and
Perl 5. Each version is valuable
and offers you a wealth of knowledge
and a plethora of amazing tools.
Be mindful of word wrapping by your
news reader and, change your first
line Perl locale if you decide to
use this script.
Godzilla!
PRINTED RESULTS
_______________
Madam Ruth came in from:
http://la.znet.com/~callgirl/test.html
hoping to sell Love Potion No.9 to our customers.
She does seem a professional Gypsy. I asked
Madame Ruth if a cookie would be nice.
Madame Ruth said "yes" so I baked Gypsy Madame Ruth
a nice big cookie in exchange for a swig
of her Love Potion No.9.
On 21:10:16 5/25/2000 a Cookie with an ID of 20716
was baked for Madame Ruth with this receipe:
Cookie ID: 20716
Cookie Client: Madame Ruth
Cookie Occupation: Gypsy
Cookie Product: Love Potion No.9
Cookie Host: lats1-55.znet.net
Cookie Address: 207.167.96.55
Cookie Agent: Mozilla/GODZILLA! GO GO GODZILLA!
Cookie Set: 21:10:16 5/25/2000
Cookie Expires: 21:10:16 5/25/2001
This is a delicious cookie being basted
in Love Potion No.9 over and over and over....
Fake Redirect: http://lats1-55.znet.net/page2/yadayada.cgi
Wait, I don't like that one....
Fake Redirect: http://www.Love Potion
No.9.com/Gypsy/gold/capped/tooth.html
In a thousand years it will be: 21:10:16 5/25/3000
and our loving Madam Ruth the Gypsy will still
be selling Love Potion No.9 to all boys and girls.
CONTENTS OF REFERRING HTML PAGE
(Chris, A HREF should be one line, watch word wrap)
_______________________________
<HTML><HEAD><TITLE>Query String Test</TITLE></HEAD>
<BODY>
<BR><BR>
<CENTER>
<A
HREF="http://la.znet.com/~callgirl/test.cgi?ID=Gypsy&Name=Madame+Ruth&Product=Love+Potion+No.9">
TEST CLICK
</A>
<P>
</BODY></HTML>
TEST SCRIPT
___________
#!/usr/local/bin/perl
print "Content-Type: text/plain\n\n";
## Set some globals for fun:
$env_ref = $ENV{HTTP_REFERER};
$env_host = $ENV{REMOTE_HOST};
$env_addr = $ENV{REMOTE_ADDR};
$env_agent = $ENV{HTTP_USER_AGENT};
## Grab query string and extract info:
&Parse;
sub Parse
{ # Parse #
local (*in) = @_ if @_;
local ($i, $key, $value);
$in = $ENV{'QUERY_STRING'};
@in = split(/&/,$in);
foreach $i (0 .. $#in)
{
$in[$i] =~ s/\+/ /g;
($key, $value) = split(/=/,$in[$i],2);
($value eq "") && next;
$key =~ s/%(..)/pack("c",hex($1))/ge;
$value =~ s/%(..)/pack("c",hex($1))/ge;
$in{$key} .= "\0" if (defined($in{$key}));
$in{$key} .= $value;
}
return 1;
} # Parse #
## Set some more globals for more fun:
$id = $in{ID};
$name = $in{Name};
$product = $in{Product};
## Why not play around now:
print "
$name came in from:
$env_ref
hoping to sell $product to our customers.
She does seem a professional $id. I asked
$name if a cookie would be nice.
$name said \"yes\" so I baked $id $name
a nice big cookie in exchange for a swig
of her $product. \n\n\n";
## Bake a cookie:
&Time_Stamp;
$cookie_id = substr ($env_addr, 0,6);
$cookie_id =~ s/\.//g;
$cookie_client = $name;
$cookie_occup = $id;
$cookie_product = $product;
$cookie_host_id = $env_host;
$cookie_ip_addy = $env_addr;
$cookie_agent = $env_agent;
$cookie_set = $date;
$cookie_expires = $date2;
## A cookie is baked:
print "
On $date a Cookie with an ID of $cookie_id
was baked for $name with this receipe:
Cookie ID: $cookie_id
Cookie Client: $name
Cookie Occupation: $id
Cookie Product: $product
Cookie Host: $cookie_host_id
Cookie Address: $cookie_ip_addy
Cookie Agent: $cookie_agent
Cookie Set: $cookie_set
Cookie Expires: $cookie_expires
This is a delicious cookie being basted
in $product over and over and over....\n\n\n";
## Well heck, why not create a redirect:
print "
Fake Redirect: http://$env_host/page2/yadayada.cgi
Wait, I don't like that one....
Fake Redirect:
http://www.$product.com/$id/gold/capped/tooth.html\n\n\n";
print "
In a thousand years it will be: $date3
and our loving $name the $id will still
be selling $product to all boys and girls.";
## Drop a dime, rock for a time, some more globals:
sub Time_Stamp
{
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
localtime(time);
if ($sec < 10)
{ $sec = "0$sec"; }
if ($min < 10)
{ $min = "0$min"; }
if ($hour < 10)
{ $hour = "0$hour"; }
if ($mon < 10)
{ $mon = "0$mon"; }
if ($mday < 10)
{ $mday = "0$mday"; }
$month = ($mon + 1);
$year = ($year + 1900);
$date = "$hour\:$min\:$sec $month/$mday/$year";
$year2 = ($year + 1);
$date2 = "$hour\:$min\:$sec $month/$mday/$year2";
$year3 = ($year + 1000);
$date3 = "$hour\:$min\:$sec $month/$mday/$year3";
}
exit;
------------------------------
Date: Fri, 26 May 2000 01:17:59 GMT
From: A <y-o-y@home.com>
Subject: Re: What web url to send scripts to the world???
Message-Id: <bhkX4.209246$Tn4.1851561@news1.rdc2.pa.home.com>
In article
<Pine.GSO.4.10.10005251453590.14618-100000@user2.teleport.com>, Tom
Phoenix <rootbeer@redcat.com> wrote:
> On Thu, 25 May 2000, A wrote:
>
> > Subject: What web url to send scripts to the world???
> >
> > And fetch, of course!
>
> Are you wanting to share programs with others? Maybe you want to find a
> software archive.
>
> Are you wanting to do something else with the web? Maybe you want to find
> a search engine.
>
> Cheers!
I want to know where to post my scripts!
I posted my first one to this ng, but it's apparent that this isn't the
the place to share.
I'll check the CPAN site.
Regards,
Andy
------------------------------
Date: Thu, 25 May 2000 17:26:49 GMT
From: Denis Haskin <dwhaskin@earthlink.net>
Subject: Why not 5.005_03?
Message-Id: <392D61EA.F5ABBF5D@earthlink.net>
I'm a little confused. I'm trying to decide which version of Perl to
use on a new implementation (Solaris 8).
I've been using 5.6.0 for development, and while it's advertised as the
"stable, tested release that you should use in production environments"
(see http://www.perl.com/pub/language/info/software.html), I've
encountered problems with it and Unicode that I had to work around.
I'm now also encountering a *very* weird problem with a subroutine
disappearing on me, but I'll describe it in more detail in another post.
The page at www.perl.com that I mentioned above says that the "previous
version of Perl is the 5.004_05 release" and contains a link to that.
What happened to 5.005_03? That appears to the one that came with our
Solaris 8 installation. Is there a reason www.perl.com doesn't
recommend that as the "previous version"?
Much thanks in advance,
dwh
------------------------------
Date: 16 Sep 99 21:33:47 GMT (Last modified)
From: Perl-Users-Request@ruby.oce.orst.edu (Perl-Users-Digest Admin)
Subject: Digest Administrivia (Last modified: 16 Sep 99)
Message-Id: <null>
Administrivia:
The Perl-Users Digest is a retransmission of the USENET newsgroup
comp.lang.perl.misc. For subscription or unsubscription requests, send
the single line:
subscribe perl-users
or:
unsubscribe perl-users
to almanac@ruby.oce.orst.edu.
| NOTE: The mail to news gateway, and thus the ability to submit articles
| through this service to the newsgroup, has been removed. I do not have
| time to individually vet each article to make sure that someone isn't
| abusing the service, and I no longer have any desire to waste my time
| dealing with the campus admins when some fool complains to them about an
| article that has come through the gateway instead of complaining
| to the source.
To submit articles to comp.lang.perl.announce, send your article to
clpa@perl.com.
To request back copies (available for a week or so), send your request
to almanac@ruby.oce.orst.edu with the command "send perl-users x.y",
where x is the volume number and y is the issue number.
For other requests pertaining to the digest, send mail to
perl-users-request@ruby.oce.orst.edu. Do not waste your time or mine
sending perl questions to the -request address, I don't have time to
answer them even if I did know the answer.
------------------------------
End of Perl-Users Digest V9 Issue 3171
**************************************
