[16693] in Perl-Users-Digest
Perl-Users Digest, Issue: 4105 Volume: 9
daemon@ATHENA.MIT.EDU (Perl-Users Digest)
Wed Aug 23 11:05:34 2000
Date: Wed, 23 Aug 2000 08:05:18 -0700 (PDT)
From: Perl-Users Digest <Perl-Users-Request@ruby.OCE.ORST.EDU>
To: Perl-Users@ruby.OCE.ORST.EDU (Perl-Users Digest)
Message-Id: <967043117-v9-i4105@ruby.oce.orst.edu>
Content-Type: text
Perl-Users Digest Wed, 23 Aug 2000 Volume: 9 Number: 4105
Today's topics:
Re: Associative arrays <philipg@atl.mediaone.net>
Re: Best General HTTP Proxy? <iltzu@sci.invalid>
Re: CGI.pm - object-oriented - file upload problem <elephant@squirrelgroup.com>
CGI prodotes@yahoo.com
Re: CGI <amonotod@netscape.net>
Re: Cookie problem (chrs in value) <bart.lateur@skynet.be>
Re: Functions and reference notation. (Anno Siegel)
Re: Generalized "User Database"? <mkruse@netexpress.net>
Re: looking for taint resources (Anno Siegel)
Re: looking for taint resources (Martien Verbruggen)
Re: lwp post method <philipg@atl.mediaone.net>
Re: lwp post method matt@NOSPAMcipherdesign.com
Re: lwp post method (Keith Calvert Ivey)
Re: lwp post method (Keith Calvert Ivey)
newbie question - dont flame me filosmith@my-deja.com
Re: newbie question - dont flame me <care227@attglobal.net>
Re: newbie question - dont flame me (Greg Bacon)
Re: newbie question - dont flame me (Rafael Garcia-Suarez)
Re: newbie question - dont flame me <amonotod@netscape.net>
Re: newbie question about "uninitialized variables" <iltzu@sci.invalid>
NT drive mappings-newbee question dwilson6660@my-deja.com
Re: Perl and dates zideon@my-deja.com
Re: Perl and dates <tony_curtis32@yahoo.com>
Re: PLEASE HELP !!! What is wrong with Windows... (Astrid Behrens)
Re: Problem accessing CGI.pm <philipg@atl.mediaone.net>
Problem on Netscape::History. <so.hon-chu@graduate.hku.hk>
Re: Problem on Netscape::History. (Martien Verbruggen)
Re: Problem on Netscape::History. <amonotod@netscape.net>
Re: Programming Ethics (Martien Verbruggen)
Re: Regular expression, $1 in a $variable. (Keith Calvert Ivey)
Re: Uploading files via post form <elephant@squirrelgroup.com>
User ID - someone explain? <nomail@hursley.ibm.com>
Re: User ID - someone explain? <amonotod@netscape.net>
Digest Administrivia (Last modified: 16 Sep 99) (Perl-Users-Digest Admin)
----------------------------------------------------------------------
Date: Wed, 23 Aug 2000 14:00:08 GMT
From: "Philip Garrett" <philipg@atl.mediaone.net>
Subject: Re: Associative arrays
Message-Id: <INQo5.62164$rd1.11083785@typhoon-news1.southeast.rr.com>
Martien Verbruggen <mgjv@tradingpost.com.au> wrote in message
news:slrn8q78b6.5ap.mgjv@martien.heliotrope.home...
> On Wed, 23 Aug 2000 10:30:58 +0100,
> Alex Buell <alex.buell@tahallah.clara.co.uk> wrote:
> > I was playing with associative arrays like so:
> >
> > %fields = ( "Member ID" => 0, "Forename" => 1, "Surname" = >2 );
[snip]
> > print $fields{0); # I want to print "Member ID" but it doesn't!
>
> Because they are hashes, or associative arrays. The elements of these
> things do not have an index. They're fundamentally unordered, and you
> should not expect any order.
I think you misunderstood the OP. He thinks it should return "Member ID"
because it's associated with "0", not because it's the first element in the
list.
> > Wouldn't it be cool to be able to get at the values just by doing:
> >
> > print $fields{"Member ID"}; # to get 0
> > print $fields{0}; # to get "Member ID"
NIMHO. Suppose you coded (it's stupid, but a valid hash nonetheless):
%fields = ( "Zero" => 0, 0 => "Zero", 1 => "Zero" );
What should $fields{0} be now? What about $fields{Zero}?
Philip
------------------------------
Date: 23 Aug 2000 14:33:21 GMT
From: Ilmari Karonen <iltzu@sci.invalid>
Subject: Re: Best General HTTP Proxy?
Message-Id: <967040933.9880@itz.pp.sci.fi>
In article <m1wvh89avq.fsf@halfdome.holdit.com>, Randal L. Schwartz wrote:
>comment mode too long. For example, as HTML, this is one long
>comment:
>
> <!-- A -- B --> still in a comment <!-- C -- D -->
From my reading of the HTML standard, that's a syntax violation.
_This_ would be one long comment:
<!-- A -- --> still in a comment <!-- -- D -->
--
Ilmari Karonen - http://www.sci.fi/~iltzu/
Please ignore Godzilla | "By promoting postconditions to
and its pseudonyms - | preconditions, algorithms become
do not feed the troll. | remarkably simple." -- Abigail
------------------------------
Date: Wed, 23 Aug 2000 14:35:09 GMT
From: jason <elephant@squirrelgroup.com>
Subject: Re: CGI.pm - object-oriented - file upload problem
Message-Id: <MPG.140e7e8d18e4fa669896de@localhost>
Albert Dewey <timewarp@shentel.net> wrote ..
-
>$File = param('file');
-
>Okay to you flamers out there - I know that I don't use strict here and my erro
>message is not what some of you like to use. I use my methods and you use yours
>If you find a genuine syntax error then post a correction please.
no syntax errors .. and this is far from a flame - but you completely
ignored the originator who said that the functional notation worked fine
- but that they were unable to use it
in fact .. it was the first thing they said after "Hi"
>> On Wed, 23 Aug 2000 02:29:13 +0200, Peter Mooring <peterpm@xs4all.nl> wrote:
-
>> >I want to upload files using CGI.pm in object-oriented style, i.e.
>> >using: new CGI, $query->param, etc. (the function-oriented style
>> >works but I cannot use it)
btw .. you should limit your lines to something like 72 rather than 80
to give a reasonable number of followups (with quotation prefixes) to
your article before it trips over the 80 mark .. I've just truncated
your lines
--
jason -- elephant@squirrelgroup.com --
------------------------------
Date: Wed, 23 Aug 2000 13:50:41 GMT
From: prodotes@yahoo.com
Subject: CGI
Message-Id: <8o0kra$fbt$1@nnrp1.deja.com>
I would need an CGI script that would redirect input from an wab page
to an file... the name of the file is also specified in the web page...
can anyone help?
Thnx
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Wed, 23 Aug 2000 14:29:18 GMT
From: amonotod <amonotod@netscape.net>
Subject: Re: CGI
Message-Id: <8o0n34$i75$1@nnrp1.deja.com>
In article <8o0kra$fbt$1@nnrp1.deja.com>,
prodotes@yahoo.com wrote:
> I would need an CGI script that would redirect input from an wab page
> to an file... the name of the file is also specified in the web
> page...
> can anyone help?
Yes.
>
> Thnx
No problem.
HTH,
amonotod
--
`\|||/ amonotod@
(@@) netscape.net
ooO_(_)_Ooo________________________________
_____|_____|_____|_____|_____|_____|_____|_____|
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Wed, 23 Aug 2000 13:54:56 GMT
From: Bart Lateur <bart.lateur@skynet.be>
Subject: Re: Cookie problem (chrs in value)
Message-Id: <mll7qssshun4an1li7mqula4jo6k0n7e54@4ax.com>
Larry Rosler wrote:
>You'd end up doing a lot of small writes to files, which
>> isn't optimal, since each takes quite an overhead.
>
>Why is that? What about buffering in the output routines?
Just experiment with setting $\. With $\ set to "\n", for example, I
noitice a slowdown of about 20% in my code, on a Win32 PC. Only part of
it (the largest part) is printing.
Now, there a re basically two ways of printing with $\ set (that I can
think of):
A) Copy the scalar to print and appending the value of $\ to it.
B) First print the string, then print $\.
I think it's version 2 being used; it sounds smartest. But the overhead
is not negligable.
It has been suggested that ALL system calls have a significant overhead,
switching from user mode to supervisor (kernel?) mode and back. Even if
the system call barely does anything.
--
Bart.
------------------------------
Date: 23 Aug 2000 13:38:00 -0000
From: anno4000@lublin.zrz.tu-berlin.de (Anno Siegel)
Subject: Re: Functions and reference notation.
Message-Id: <8o0k3o$437$1@lublin.zrz.tu-berlin.de>
Abigail <abigail@foad.org> wrote in comp.lang.perl.misc:
>Anno Siegel (anno4000@lublin.zrz.tu-berlin.de) wrote on MMDXLVIII
>}} When I really curse the DWIMer is when I try to make sense of
>}} beginner's code.
>
>Isn't that the "curse" of all DWIMs?
>
>Frankly, I don't care whether beginners code makes sense or not. It's
>the code of the advanced user that counts....
I have been known to curse Perl's flexible syntax while trying to
make sense of certain experts' programs as well. Someone recently
posted code to distribute diff(1) output to three different files.
Scary, I tell you.
Anno
------------------------------
Date: Wed, 23 Aug 2000 09:36:00 -0500
From: "Matt Kruse" <mkruse@netexpress.net>
Subject: Re: Generalized "User Database"?
Message-Id: <39a3e0f3$0$18143@wodc7nh0.news.uu.net>
Martien Verbruggen <mgjv@tradingpost.com.au> wrote
> sounds like /etc/passwd with some extended GCOS information.
Well, since /etc/passwd is just a flat file containing information, I
suppose so :)
> Alternatively, use a combination of DBI, DBD::CSV, or another file based
> DBI driver. Use the crypt builtin to do password hashing stuff.
Yup, I know how to accomplish the end task. But I was asking if anyone had
already done the job of building it, creating methods to update the
"database", handle file locking, etc.
> > I thought this would be common! :)
> Very common.
Then why can't I find existing code to do it? :)
Thanks for your response!
--
Matt Kruse
http://www.mattkruse.com/
------------------------------
Date: 23 Aug 2000 14:05:58 -0000
From: anno4000@lublin.zrz.tu-berlin.de (Anno Siegel)
Subject: Re: looking for taint resources
Message-Id: <8o0lo6$461$1@lublin.zrz.tu-berlin.de>
<tebrusca@my-deja.com> wrote in comp.lang.perl.misc:
>In article <8nts46$1dk$1@lublin.zrz.tu-berlin.de>,
> anno4000@lublin.zrz.tu-berlin.de (Anno Siegel) wrote:
>> Thomas Brusca <tebrusca@oakland.edu> wrote in comp.lang.perl.misc:
[...]
>Your missing the point.
>I'm not asking for security requirements.
>I want a collection of common regex's (geared for taint).
>Why would I reinvent the wheel if someone already has?
So what else is a regex "geared for taint" than a regex designed
to meet security requirements?
You didn't tell us what you are going to use the laundered data
for. Are they files your program is going to read? Write?
Are they names of external commands (shudder)? Parameters to
external commands? Heck, you didn't even say what OS you're
running. No-one in their right mind would recommend anything
remotely security-relevant with so little information.
>I don't want to start from scratch thinking about all possible
>variations of a URL so I can match it, nor do I want to match just (.*).
Uh. You want to check a URL? No reasonable regex can do that. Ask
Abigail, she has written one but it's *not* reasonable.
I expect that one of the HTML:: modules does that.
Anno
------------------------------
Date: Thu, 24 Aug 2000 00:19:13 +1000
From: mgjv@tradingpost.com.au (Martien Verbruggen)
Subject: Re: looking for taint resources
Message-Id: <slrn8q7nb1.5ap.mgjv@martien.heliotrope.home>
On Wed, 23 Aug 2000 12:46:35 GMT,
tebrusca@my-deja.com <tebrusca@my-deja.com> wrote:
> In article <8nts46$1dk$1@lublin.zrz.tu-berlin.de>,
> anno4000@lublin.zrz.tu-berlin.de (Anno Siegel) wrote:
> > Thomas Brusca <tebrusca@oakland.edu> wrote in comp.lang.perl.misc:
>
> > >Also would like a collection of regex's for untainting
> > >the input. Common things like URL, e-mail, whatever.
Depends totally and solely on what you are going to do with those pieces
of data. Stuff them in a text file? /(.*)/. Pass an email address to
sendmail in the incorrect way, i.e. on the command line, you will need
something very, very complex. In other words, don't do it. Stuff it in a
database? use the correct bindings, or if you must embed it in a string,
get rid of quotes and stuff like that.
> > Any regex with catching parentheses launders tainted data. What
> > you use depends entirely on your security requirements. No-one
> > here can tell you what these are.
This is exactly right.
> Your missing the point.
> I'm not asking for security requirements.
Ok, you're not. But I am going to give them anyway. If not for you, then
for some other person who is reading this, and might pick up some wrong
ideas from the thread.
> I want a collection of common regex's (geared for taint).
There isn't really such a thing. The whole point of untainting data is
to force you to _think_ about what the particular dangers are of the
particular piece of data that you are going to accept. If you have to
pass it off as an argument to a program it's different from when you
have to run it in some restricted shell fashion, or pass it off to a
database or stuff it in a text file or run as a regex.
I don't have any general purpose regular expressions that would strip
'dangerous' characters from strings that I would pass off to a shell,
for the very simple reason that i would rather die than do that. User
input does not get passed to a shell. There are too many difficulties in
getting rid of all the dangerous stuff in strings like that. And the
requirements of _your_ particular application dictate what should and
shouldn't be allowed.
I thik you'll find that most people who would be most likely to be able
to create a large set of regexps that would come close to doing that
will not do it, for the same reasons that I wouldn't. It's dangerous,
error prone, and not necessary.
As a rule: Never pass user input to a shell, unless you can trust the
users, or can be very, very very restrictive about that user input (by
stripping out everything exept the first word, where word is made up of a
restricted character set, like \w or even [a-z]).
And don't say you wouldn't pass stuff off to a shell, because if you
wouldn't, you wouldn't be afraind of the rm * bit.
Apart from untainting the data, you should, more importantly, choose the
correct methods to handle the data. As said, do not pass data like that
to a shell, i.e., don't use it in backticks, qx//, system with one
argument, open, glob, and some other places (some of these are not
unsafe in ALL perls, but in many or some at least). If you need to do
database queries/updates/inserts with the data, don't embed the data in
a string, but use bindings.
> Why would I reinvent the wheel if someone already has?
I don't think anyone has. And if anyone claims they do have the silver
bullet that will shoot the problem for you, be very, very weary of
using it until you fully understand what it does, and are confident that
it does catch all dangerous situations.
> I don't want to start from scratch thinking about all possible
> variations of a URL so I can match it, nor do I want to match just (.*).
But that's not the point. A regexp to match a URL gets posted here
regularly. As long as you don't use that URL unsafely, however, there's
no need for it. Just use /(.*)/ and get on with life. A script that
accepts a name and URL from a user, and then saves those in a file
doesn't need to be afraid of what the data contains.
Validity of data and security or untainting are different things, and
shouldn't be done in one go. Valid URL's may very well contain
characters that you wouldn't want on a shell command line (or maybe not,
but that's beside the point). Do the safety check when necessary, and
the validity check when necessary. They're unrelated, although not
entirely orthogonal issues.
It would be unfair of us, at least me, to react in any other way to a
request like this than this way.
Taint cannot be removed by a silver bullet or general recipe. It depends
on the data, where the data is going to be used, and the source of the
data.
Martien
--
Martien Verbruggen |
Interactive Media Division |
Commercial Dynamics Pty. Ltd. | Curiouser and curiouser, said Alice.
NSW, Australia |
------------------------------
Date: Wed, 23 Aug 2000 13:46:28 GMT
From: "Philip Garrett" <philipg@atl.mediaone.net>
Subject: Re: lwp post method
Message-Id: <UAQo5.62163$rd1.11081049@typhoon-news1.southeast.rr.com>
<matt@NOSPAMcipherdesign.com> wrote in message
news:39a3a580.9118341@news.ntlworld.com...
> thanks,
> i thought that section was for those popup boxes that ask for a name
> and password. or are they the same thing?
>
> matt
Yes, that's for the popup boxes; no, they're not the same thing. I'm
guessing that trying that didn't help.
I noticed you are doing a post to http://www.mtnsms.com. Doesn't the action
attribute of the form say to go to session.asp? If so, you probably should
be posting to http://www.mtnsms.com/session.asp. The "method not allowed"
message probably means that they don't accept POST requests to their static
home page.
hth
Philip
------------------------------
Date: Wed, 23 Aug 2000 14:29:28 GMT
From: matt@NOSPAMcipherdesign.com
Subject: Re: lwp post method
Message-Id: <39a3dc54.23154284@news.ntlworld.com>
thanks for the help!
>Yes, that's for the popup boxes; no, they're not the same thing. I'm
>guessing that trying that didn't help.
youre right...
>I noticed you are doing a post to http://www.mtnsms.com. Doesn't the action
>attribute of the form say to go to session.asp? If so, you probably should
>be posting to http://www.mtnsms.com/session.asp. The "method not allowed"
>message probably means that they don't accept POST requests to their static
>home page.
yes i understand that now, so i had changed my url to the address of
the script, but now i get an "object moved" error!
i have managed to do the first step (logging into the front page)
using the get method and my username and password encoded into the
url... however i want to do this 'properly'.
also a question in advance:
from the documentation it seems like you want to be creating a
different user agent for each request that you do? (or is that
rubbish..) if so, will i have to mess around with the cookies to get
the second request to the target page accepted?
thanks again,
matt
--snip--
# cookies - after you login, the actual page im interested in:
#(messageUrl) checks the cookie the login page set.
my $loginUA = LWP::UserAgent->new;
$loginUA->cookie_jar(HTTP::Cookies->new(file => "lwpcookies.txt",
autosave => 1));
# prepare login request
my $loginReq = POST $loginUrl, [ username => $username, password =>
$password ];
# do the request
my $result = $loginUA->request($loginReq)->as_string();
# print the result
print $result;
--snip--
# this next bit never gets done, as the first fails, but am
# i on the right track?
my $messageUA = LWP::UserAgent->new;
my $messageReq = POST $messageUrl, [ smsMessage => $message ,
smsToNumbers => $number ];
$messageReq->content_type('application/x-www-form-urlencoded');
$messageReq->content('match=www&errors=0');
my $content = $messageUA->request($messageReq)->as_string;
print $content;
------------------------------
Date: Wed, 23 Aug 2000 14:00:23 GMT
From: kcivey@cpcug.org (Keith Calvert Ivey)
Subject: Re: lwp post method
Message-Id: <39a8d202.38613807@news.newsguy.com>
marcel@codewerk.com (Marcel Grunauer) wrote:
>In lwpcook, there's a section called "ACCESS TO PROTECTED DOCUMENTS".
>
>Based on that, I've used (some time ago):
>
> $ua = new LWP::UserAgent;
> $headers = new HTTP::Headers;
> $headers->authorization_basic($uname, $password);
> $request = new HTTP::Request("GET", $path, $headers);
> $response = $ua->request($request);
That's for URLs protected by HTTP authentication. Matt is
trying to access a site where the username and password are
in a form.
--
Keith C. Ivey <kcivey@cpcug.org>
Washington, DC
------------------------------
Date: Wed, 23 Aug 2000 14:00:22 GMT
From: kcivey@cpcug.org (Keith Calvert Ivey)
Subject: Re: lwp post method
Message-Id: <39a7d190.38500664@news.newsguy.com>
matt@NOSPAMcipherdesign.com wrote:
>i should have also supplied some relevant details from the login page:
><form method="post" action="session.asp" name="Login">
You've left that out of the URL for your request. You were
trying to post to the default page for the site rather than to
the ASP program. Change the URL to
'http://www.mtnsms.com/session.asp'.
--
Keith C. Ivey <kcivey@cpcug.org>
Washington, DC
------------------------------
Date: Wed, 23 Aug 2000 13:53:29 GMT
From: filosmith@my-deja.com
Subject: newbie question - dont flame me
Message-Id: <8o0l0f$fkj$1@nnrp1.deja.com>
Can someone help me please? this doesn't even attempt to do anything
with the second foreach...
foreach $displayName (keys %serverList)
{
foreach $uName (keys %{$displayName})
{
print "$displayName{$uName}\n";
}
}
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Wed, 23 Aug 2000 10:03:37 -0400
From: Drew Simonis <care227@attglobal.net>
Subject: Re: newbie question - dont flame me
Message-Id: <39A3D9B9.8E18BB23@attglobal.net>
filosmith@my-deja.com wrote:
>
> Can someone help me please? this doesn't even attempt to do anything
> with the second foreach...
>
> foreach $displayName (keys %serverList)
> {
> foreach $uName (keys %{$displayName})
> {
> print "$displayName{$uName}\n";
> }
> }
>
And what have you done to debug this? Are you sure that the
$displayName variable contains data? Have you added break
points to see how far in the loop goes?
------------------------------
Date: Wed, 23 Aug 2000 14:09:48 GMT
From: gbacon@HiWAAY.net (Greg Bacon)
Subject: Re: newbie question - dont flame me
Message-Id: <sq7mpcjqt9115@corp.supernews.com>
In article <8o0l0f$fkj$1@nnrp1.deja.com>,
<filosmith@my-deja.com> wrote:
: Can someone help me please? this doesn't even attempt to do anything
: with the second foreach...
:
: foreach $displayName (keys %serverList)
: {
: foreach $uName (keys %{$displayName})
: {
: print "$displayName{$uName}\n";
: }
: }
You didn't give much information about your datastructures, but should
you have written the following instead?
foreach $displayName (keys %serverList) {
foreach $uName (keys %{ $serverList{$displayName} }) {
print $serverList{$displayName}->{$uName}, "\n";
}
}
In other words, is %serverList a hash of hashes?
Greg
--
Usenet is like a herd of performing elephants with diarrhea; massive,
difficult to redirect, awe-inspiring, entertaining, and a source of
mind-boggling amounts of excrement when you least expect it.
-- Gene Spafford
------------------------------
Date: Wed, 23 Aug 2000 14:25:19 GMT
From: rgarciasuarez@free.fr (Rafael Garcia-Suarez)
Subject: Re: newbie question - dont flame me
Message-Id: <slrn8q7o19.fbp.rgarciasuarez@rafael.kazibao.net>
filosmith@my-deja.com wrote in comp.lang.perl.misc:
>Can someone help me please? this doesn't even attempt to do anything
>with the second foreach...
>
>foreach $displayName (keys %serverList)
>{
> foreach $uName (keys %{$displayName})
> {
> print "$displayName{$uName}\n";
print "$displayName->{$uName}\n";
> }
>}
'use strict' at the beginning of your script would have told you what
was wrong...
--
Rafael Garcia-Suarez
------------------------------
Date: Wed, 23 Aug 2000 14:21:04 GMT
From: amonotod <amonotod@netscape.net>
Subject: Re: newbie question - dont flame me
Message-Id: <8o0mjq$hhf$1@nnrp1.deja.com>
In article <8o0l0f$fkj$1@nnrp1.deja.com>,
filosmith@my-deja.com wrote:
> Can someone help me please? this doesn't even attempt to do anything
> with the second foreach...
>
> foreach $displayName (keys %serverList)
> {
> foreach $uName (keys %{$displayName})
foreach $uName (keys %{$serverList{$displayName}})
> {
> print "$displayName{$uName}\n";
print "$serverList{$displayName}{$uName}\n";
> }
> }
perldoc -q hashes of hashes
HTH,
amonotod
--
`\|||/ amonotod@
(@@) netscape.net
ooO_(_)_Ooo________________________________
_____|_____|_____|_____|_____|_____|_____|_____|
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: 23 Aug 2000 14:20:37 GMT
From: Ilmari Karonen <iltzu@sci.invalid>
Subject: Re: newbie question about "uninitialized variables"
Message-Id: <967039775.3266@itz.pp.sci.fi>
In article <39a297e2.6817880@news.earthlink.net>, Jon S. wrote:
>Is there a way to make these warnings show up "pretty" in my returned
>html? I've got CGI::Carp going with fatalstoBrowser and a few warn
>and die statements, but I'd like to have my warnings go to the browser
>also. Right now, they get placed oddly in the output. (Like, in
The latest version of CGI::Carp (1.20) includes a patch I wrote that
adds this feature. See http://search.cpan.org/search?dist=CGI.pm
--
Ilmari Karonen - http://www.sci.fi/~iltzu/
Please ignore Godzilla | "By promoting postconditions to
and its pseudonyms - | preconditions, algorithms become
do not feed the troll. | remarkably simple." -- Abigail
------------------------------
Date: Wed, 23 Aug 2000 14:45:35 GMT
From: dwilson6660@my-deja.com
Subject: NT drive mappings-newbee question
Message-Id: <8o0o28$jkc$1@nnrp1.deja.com>
I map a network drive usint the following script:
Connect_MD001();
sub Connect_MD001
{
use Win32::NetResource;
$server = "xxx1";
$adminshare = "D";
%NetResource = (LocalName => 'T:',
RemoteName => "\\\\$server\\$adminshare\$", );
} #end sub MD001
I can see the T: drive in a net use but the problem is that I can't
figure out how to change directoried to it. I used system s\:\\; and
various syntexes of it, chdir and serveral other ways but when I do a
system dir in the script it gives me the directory of where the script
is runnung.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Wed, 23 Aug 2000 13:25:08 GMT
From: zideon@my-deja.com
Subject: Re: Perl and dates
Message-Id: <8o0jb0$dof$1@nnrp1.deja.com>
Oops, I forgot something ;) How can I print a date when I know the day
of the year and the year??
P.E.
($year, $dayofyear) = (localtime(time))[5,7];
Now I have $year and $dayofyear I would like to print something like:
August 23, 2000.
Thanx again!
Zid
In article <8o0h8i$b40$1@nnrp1.deja.com>,
zideon@my-deja.com wrote:
> Hello,
>
> How can I get the week of the year with a Perl script. My webhost
> provider hasn't installed the CPAN DATE::CALC module.
>
> Regards,
> Zid
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: 23 Aug 2000 08:41:29 -0500
From: Tony Curtis <tony_curtis32@yahoo.com>
Subject: Re: Perl and dates
Message-Id: <877l98m6wm.fsf@limey.hpcc.uh.edu>
>> On Wed, 23 Aug 2000 13:25:08 GMT,
>> zideon@my-deja.com said:
> Oops, I forgot something ;) How can I print a date when
> I know the day of the year and the year?? P.E. ($year,
> $dayofyear) = (localtime(time))[5,7];
> Now I have $year and $dayofyear I would like to print
> something like: August 23, 2000.
perldoc POSIX
--> strftime
use POSIX 'strftime';
my $then = strftime('%B %d, %Y', 0, 0, 0, 0, 0, 100, 0, 123, 0);
print "$then\n";
== May 03, 2000
is probably what you want.
hth
t
--
"I'm not easily impressed. Wow! A blue car!"
Homer Simpson
------------------------------
Date: Wed, 23 Aug 2000 14:11:09 GMT
From: behrens@haulpak.com (Astrid Behrens)
Subject: Re: PLEASE HELP !!! What is wrong with Windows...
Message-Id: <slrn8q7nba.2vl.behrens@pc32.haulpak.com>
Dowe Keller <dowe@krikkit.localdomain> wrote:
>On Tue, 22 Aug 2000 20:27:36 GMT, comet999 <comet999@my-deja.com> wrote:
>>Hi,
>>
>>I'm using the following code to dump the contents of a db ("cats.db")
>>and running into problems. The code works just fine on Unix. But, when
>>I try the same code on Windows NT the output is blank as if there were
>>no records in the database. On unix this code prints 4 records.
>>
>>I'm using ActivePerl on Windows NT.
>>
>>Can someone shed some light please. Thanks.
>>
>>***********************************************************************
>>use AnyDBM_File;
>>
>>%cats = &readdatabase("h:\data\cats");
>
>Make that:
>
>%cats = &readdatabase("h:\\data\\cats");
>
Or "h:/data/cats" should work too, unless you're planning to pass that
to a Windows system command.
I just hate all those silly backslashes.
Astrid
------------------------------
Date: Wed, 23 Aug 2000 14:02:33 GMT
From: "Philip Garrett" <philipg@atl.mediaone.net>
Subject: Re: Problem accessing CGI.pm
Message-Id: <ZPQo5.62165$rd1.11084277@typhoon-news1.southeast.rr.com>
Pham <pham@148.123.86.151> wrote in message
news:39A38216.16EFB043@148.123.86.151...
> My Perl script works fine under Linux but when moving it onto a
> Solaris server I have trouble running the script because problem with
> accessing CGI.pm. It can't see CGI.pm even though the module is on the
> system. So I wonder if there is any config. files or variables on the
> system that should be reconfigured?
How do you expect us to be able to help if you don't give us any relevant
information?
What do you mean by "problem with accessing CGI.pm", and "can't see CGI.pm?"
Are you getting any error messages?
How do you know it's on the system?
------------------------------
Date: Wed, 23 Aug 2000 20:59:59 +0800
From: Patrick SO <so.hon-chu@graduate.hku.hk>
Subject: Problem on Netscape::History.
Message-Id: <39A3CACE.FCBEF1FC@graduate.hku.hk>
Hi all,
I have a problem when using the package Netscape::History to access a
netscape history database, history.dat.
I used the following simple perl script to do the job.
------------------------------------------------------------------------------------------------
use Netscape::History;
use Date::Format;
use strict;
my $history;
my $url;
$Netscape::History::NETSCAPE_VERSION = 4.7;
$history = new Netscape::History("history.dat");
while (defined($url = $history->next_url() ))
{
print "$url :\n";
print " First : ", ctime($url->first_visit_time());
print " Last : ", ctime($url->last_visit_time());
print " Count : ", $url->visit_count(), "\n";
print " Expire : ", $url->expire(), "\n";
print " Title : ", $url->title(), "\n";
}
$history->close();
-------------------------------------------------------------------------------------------------
When I executed the above script through ActivePerl in Win98, I got the
following error:
-------------------------------------------------------------------------------------------------
failed to tie to history database history.dat: File exists
at netscape_hst.pl line 10
Can't call method "next_url" on an undefined value at netscape_hst.pl
line 11.
--------------------------------------------------------------------------------------------------
I could not figure out why the program failed according to the above
error messages.
I would be appreciated if anyone could give me advices.
Thank you very much.
Patrick SO
so.hon-chu@graduate.hku.hk
------------------------------
Date: Wed, 23 Aug 2000 23:57:27 +1000
From: mgjv@tradingpost.com.au (Martien Verbruggen)
Subject: Re: Problem on Netscape::History.
Message-Id: <slrn8q7m27.5ap.mgjv@martien.heliotrope.home>
On Wed, 23 Aug 2000 20:59:59 +0800,
Patrick SO <so.hon-chu@graduate.hku.hk> wrote:
> Hi all,
>
> I have a problem when using the package Netscape::History to access a
> netscape history database, history.dat.
> I used the following simple perl script to do the job.
> ------------------------------------------------------------------------------------------------
>
> use Netscape::History;
> use Date::Format;
> use strict;
>
> my $history;
> my $url;
>
> $Netscape::History::NETSCAPE_VERSION = 4.7;
>
> $history = new Netscape::History("history.dat");
This call failed.
> while (defined($url = $history->next_url() ))
And I can see that from the second error message:
> failed to tie to history database history.dat: File exists
> at netscape_hst.pl line 10
> Can't call method "next_url" on an undefined value at netscape_hst.pl
> line 11.
Because $history is undefined there.
To prevent the program from blindly continuing, you should check for
success:
$history = new Netscape::History("history.dat")
or die "Cannot open history.dat";
That first error message comes from the tie to the db file name. Looks
like DB_File on ActiveState perl is behaving differently from the one on
unices? Anyone here have experience with DB_File under Activestate?
Martien
--
Martien Verbruggen |
Interactive Media Division | In a world without fences, who needs
Commercial Dynamics Pty. Ltd. | Gates?
NSW, Australia |
------------------------------
Date: Wed, 23 Aug 2000 14:16:53 GMT
From: amonotod <amonotod@netscape.net>
Subject: Re: Problem on Netscape::History.
Message-Id: <8o0mc0$hd1$1@nnrp1.deja.com>
In article <39A3CACE.FCBEF1FC@graduate.hku.hk>,
Patrick SO <so.hon-chu@graduate.hku.hk> wrote:
<snip>
> $history = new Netscape::History("history.dat");
<snip>
> failed to tie to history database history.dat: File exists
> at netscape_hst.pl line 10
> Can't call method "next_url" on an undefined value at netscape_hst.pl
> line 11.
This is conjecture, as I haven't used the module. But, according to:
http://theoryx5.uwinnipeg.ca/CPAN/data/Netscape-History/Netscape/History
.html,
it seems to me like you should be doing:
$history = Netscape::History->new('/path/to/history.dat');
HTH,
amonotod
--
`\|||/ amonotod@
(@@) netscape.net
ooO_(_)_Ooo________________________________
_____|_____|_____|_____|_____|_____|_____|_____|
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Wed, 23 Aug 2000 23:11:13 +1000
From: mgjv@tradingpost.com.au (Martien Verbruggen)
Subject: Re: Programming Ethics
Message-Id: <slrn8q7jbh.5ap.mgjv@martien.heliotrope.home>
On Wed, 23 Aug 2000 12:21:02 GMT,
Tim Hammerquist <tim@degree.ath.cx> wrote:
>
> My meaning is that, to some degree, all of us might me disqualified
> due to the fact that we are all (at times) egomaniac talking heads
> making philosophical speeches about the right and wrong of a purely
> subjective field.
Hey! Speak for yourself, willya?
I personally don't think at all that there is any ground for you to
assume that I would want to hold a speech about anything, let alone
philosophically about subjective matters. I am always objective.
Right is only right if it is the Right Thing(TM), and we all can clearly
identify what and when that occurs. Wrong is any product that has a name
starting with 'e-' or ending in 'portal'. Any sentence that has 'savvy'
in it somewhere is also Wrong. Most products originating in Redmond are
wrong. John Howard[1] is wrong. Brussels sprouts are borderlining on
wrong. Four wheel drive trucks in yuppie inner city suburbs are wrong.
I don't really have a problem with the egomaniac bit.
Now, if I only could remember why I was reading this group...
Martien
[1] In case you didn't know, he's the Australian prime minister.
PS. Experience has taught me that the following is needed in cases like
this: ;-)
--
Martien Verbruggen |
Interactive Media Division | Freudian slip: when you say one
Commercial Dynamics Pty. Ltd. | thing but mean your mother.
NSW, Australia |
------------------------------
Date: Wed, 23 Aug 2000 13:18:58 GMT
From: kcivey@cpcug.org (Keith Calvert Ivey)
Subject: Re: Regular expression, $1 in a $variable.
Message-Id: <39a6cee2.37813676@news.newsguy.com>
neil@brevity.org (Neil Kandalgaonkar) wrote:
>Steve Mading <madings@baladi.bmrb.wisc.edu> wrote:
>> $str =~ s/([0-9]+)\.txt/$1-num-text/eg;
>
>I don't think that's what you want. perl would think the replacement was
>the results of evaluating $1 minus num() minus text().
Actually it's $1 minus 'num' minus 'text', unless you have
previously defined subroutines called num() and text().
--
Keith C. Ivey <kcivey@cpcug.org>
Washington, DC
------------------------------
Date: Wed, 23 Aug 2000 14:37:49 GMT
From: jason <elephant@squirrelgroup.com>
Subject: Re: Uploading files via post form
Message-Id: <MPG.140e7f2be53e75249896df@localhost>
alonio@my-deja.com <alonio@my-deja.com> wrote ..
>I know how to make the form for uploading a file:
>
><FORM ENCTYPE="multipart/form_data" METHOD="post" ...>
>...
><INPUT TYPE=file ...>
>...
></FORM>
>
>BUT I don't know how to receive the data in a cgi perl script.
>I tried the <STDIN> or the 'QUERY_STING' but didn't succeed.
>
>Can you help?
yup .. LDS et al. to your rescue .. type the following at a command
prompt for more information on the CGI module - which depending on the
version that you have handles file uploads easily or brilliantly
perldoc CGI
--
jason -- elephant@squirrelgroup.com --
------------------------------
Date: Wed, 23 Aug 2000 14:41:46 +0100
From: Derek Fountain <nomail@hursley.ibm.com>
Subject: User ID - someone explain?
Message-Id: <39A3D49A.88F2ECE6@hursley.ibm.com>
I have Perl 5.005 and Perl 5.6 on my SuSE-6.4 Linux machine.
I'm trying to work out the behaviour of the user id. I
understand user ids, effective user ids (or at least I think
I do) but can't understand what Perl will and won't do.
To start with, I have this:
> ls -l test
-rwsr-sr-x 1 root root 260 Aug 23 14:29 test*
which contains:
> cat ./test
#!/usr/bin/perl -w
#!/opt/perl-5.6/bin/perl -w
use English;
print "User is $UID\n";
print "EUser is $EUID\n";
print "Group is $EGID\n";
$UID = 500;
$EUID = 500;
print "User is $UID\n";
print "EUser is $EUID\n";
print "Group is $EGID\n";
So I'm trying this with Perl 5.005 (/usr/bin/perl) and my
privately compiled 5.6. I've tried adding the -T switch (the
camel book implies tainting is important) but it makes no
difference that I can see, and the explanation is less than
clear at the moment.
When I run the script with 5.005 as myself (uid=500) I get:
> ./test
Can't do setuid
When I switch to root I get:
> ./test
User is 0
EUser is 0
Group is 0 65534 17 16 15 14 1 0
User is 500
EUser is 500
Group is 0 65534 17 16 15 14 1 0
Basically the setuid() works in order to give away
priviledges, but Perl can't run the "setuid script"
as root at all.
I switch to Perl 5.6, and, as myself, try again:
> ./test
User is 500
EUser is 500
Group is 100 33 17 16 14 100
User is 500
EUser is 500
Group is 100 33 17 16 14 100
Well, at least this time it ran, but not setuid. As root I
get:
> ./test
User is 0
EUser is 0
Group is 0 65534 17 16 15 14 1 0
User is 500
EUser is 500
Group is 0 65534 17 16 15 14 1 0
which is as before.
So, the questions are, what is the difference between 5.005
and 5.6 in this respect? and can I run a script with the
setuid bit set?
------------------------------
Date: Wed, 23 Aug 2000 14:26:37 GMT
From: amonotod <amonotod@netscape.net>
Subject: Re: User ID - someone explain?
Message-Id: <8o0mu4$i4t$1@nnrp1.deja.com>
In article <39A3D49A.88F2ECE6@hursley.ibm.com>,
Derek Fountain <nomail@hursley.ibm.com> wrote:
> I have Perl 5.005 and Perl 5.6 on my SuSE-6.4 Linux machine.
> I'm trying to work out the behaviour of the user id. I
> understand user ids, effective user ids (or at least I think
> I do) but can't understand what Perl will and won't do.
>
> To start with, I have this:
>
> > ls -l test
> -rwsr-sr-x 1 root root 260 Aug 23 14:29 test*
<snip>
> So, the questions are, what is the difference between 5.005
> and 5.6 in this respect? and can I run a script with the
> setuid bit set?
>
I may get lots of argument on this, but it seems to me that the Perl
binary would have to be setuid, not the script. Hence the setuid Perl
that is shipped with many versions of Linux.
HTH,
amonotod
--
`\|||/ amonotod@
(@@) netscape.net
ooO_(_)_Ooo________________________________
_____|_____|_____|_____|_____|_____|_____|_____|
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: 16 Sep 99 21:33:47 GMT (Last modified)
From: Perl-Users-Request@ruby.oce.orst.edu (Perl-Users-Digest Admin)
Subject: Digest Administrivia (Last modified: 16 Sep 99)
Message-Id: <null>
Administrivia:
The Perl-Users Digest is a retransmission of the USENET newsgroup
comp.lang.perl.misc. For subscription or unsubscription requests, send
the single line:
subscribe perl-users
or:
unsubscribe perl-users
to almanac@ruby.oce.orst.edu.
| NOTE: The mail to news gateway, and thus the ability to submit articles
| through this service to the newsgroup, has been removed. I do not have
| time to individually vet each article to make sure that someone isn't
| abusing the service, and I no longer have any desire to waste my time
| dealing with the campus admins when some fool complains to them about an
| article that has come through the gateway instead of complaining
| to the source.
To submit articles to comp.lang.perl.announce, send your article to
clpa@perl.com.
To request back copies (available for a week or so), send your request
to almanac@ruby.oce.orst.edu with the command "send perl-users x.y",
where x is the volume number and y is the issue number.
For other requests pertaining to the digest, send mail to
perl-users-request@ruby.oce.orst.edu. Do not waste your time or mine
sending perl questions to the -request address, I don't have time to
answer them even if I did know the answer.
------------------------------
End of Perl-Users Digest V9 Issue 4105
**************************************
