[17610] in Perl-Users-Digest
Perl-Users Digest, Issue: 5030 Volume: 9
daemon@ATHENA.MIT.EDU (Perl-Users Digest)
Mon Dec 4 21:05:38 2000
Date: Mon, 4 Dec 2000 18:05:14 -0800 (PST)
From: Perl-Users Digest <Perl-Users-Request@ruby.OCE.ORST.EDU>
To: Perl-Users@ruby.OCE.ORST.EDU (Perl-Users Digest)
Message-Id: <975981913-v9-i5030@ruby.oce.orst.edu>
Content-Type: text
Perl-Users Digest Mon, 4 Dec 2000 Volume: 9 Number: 5030
Today's topics:
-T & cgi security help with code! <cyndie@sonic.net>
Re: -T & cgi security help with code! (Randal L. Schwartz)
Re: -T & cgi security help with code! <crossbach@atgi.net>
-T & cgi security help <cyndie@sonic.net>
ANNOUNCE: Text::Autoformat 1.04 (Damian Conway)
Re: CGI newbie - premature end of script headers??? jmg2@my-deja.com
cgi-lib upload error <me@privacy.net>
Counting Korean characters <ayambema@adelphia.net>
Re: dynamic lvalues possible? (Tad McClellan)
Re: dynamic lvalues possible? (Ilya Zakharevich)
Help with getting an array debcod@my-deja.com
Re: Help! How can a process know its own PID? (Steven Smolinski)
HELP neurofase@my-deja.com
Lost in a sea of obfuscation... <perl_man@ryanjoseph.com>
Re: Lost in a sea of obfuscation... (Tad McClellan)
Re: need help with warnings (Damian Conway)
No such file or directory <lexkidd@gte.net>
Re: No such file or directory (Tad McClellan)
NT, W95, and open() question (Neil Cherry)
Re: NT, W95, and open() question <jeff@vpservices.com>
Re: NT, W95, and open() question (Tad McClellan)
Re: passing !~ <johnlin@chttl.com.tw>
PERL limitations and WinNT (w/ MS SQL) question. <RichParker@fssi-ca.com>
Re: Random password generator (Craig Berry)
Re: Random password generator (Craig Berry)
Digest Administrivia (Last modified: 16 Sep 99) (Perl-Users-Digest Admin)
----------------------------------------------------------------------
Date: Mon, 04 Dec 2000 23:29:32 GMT
From: Cynthia Rossbach <cyndie@sonic.net>
Subject: -T & cgi security help with code!
Message-Id: <975965854.497075150@news.sonic.net>
Hi All,
(code is below)
I've been wrestling with this for a couple of days.
I've read all the Perl manual pages as well as the "Perl Cookbook" and
"Programming Perl" on this subject but I'm still not quite
understanding the coding needed to secure this script.
The task:
Write a cgi script that allows users to log in and change their .qmail file.
This script is for an ISP who wants there clients to be able to come in and forward their email or set up the vacation program.
They're using the QMAIL program so all the users have .qmail files.
The error message I get is:
"Insecure dependency in open while running with -T switch at
/home/httpd/cgi-bin/autorespon/vacation.cgi line 90". I know the error
message is referring to the open(QMAIL... line but if I get rid of the -T
then the script will be subject to tainting and I get the following error:
"Can't open /home/crossbach/.qmail:Permission denied". If I change the argument to getpwnam to "username",
e.g. "john", the program works. So the problem is the tainted $user.
From my reading I understood that if I called a program (e.g.getpwnam) from
within the child process and opened the .qmail file, it
would run securely. The owner of the program is root and I have the s bit set
(setuid, so it runs as root) until it's in the child where I reset the
effective user-id. I'm using Red Hat Linux 6.2 and Perl version 5.005_03.
Even if I pass to the child $user, thru CHILD_WRITE, it is insecure. $user is
tainted no matter what I do. But I need the username to get the uid and user
directory via getpwnam.
Questions:
Is it possible to write such a script and have it be secure and use the -T?
Do I need to write the open statement differently?
What ever advise/help you can offer would be greatly appreciated.
TIA, Cyndie
------------------------------------------------------------------------------------------------------------------
Here's my code:
sub modify_forward{
print header, start_html(-title=>'Qmail file', -bgcolor=>'white');
my $user = param('user');
my $forward_date = param('forward_start_date');
my $forward_email = param('forward_email');
my $pid;
defined($pid = open(CHILD_WRITE, "|-")) or Err_Util::error("Can't fork:$!\n");
if($pid) { # parent
print CHILD_WRITE "$forward_email\n";
close CHILD_WRITE;
}else{ # child
my ($name, $passwd, $uid, $gid, $quota, $comment, $gcos, $dir, $shell) = getpwnam($user);
$EUID=$uid;
$EGID=$gid;
$ENV{PATH}='/usr/bin:$dir';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
open(QMAIL,">>$dir/.qmail") or print "Can't open $dir/.qmail:$!\n";
while (<STDIN>){
print QMAIL "$_";
}
close(QMAIL);
exit;
}
print end_html;
} ## end sub modify_response
------------------------------
Date: 04 Dec 2000 15:40:51 -0800
From: merlyn@stonehenge.com (Randal L. Schwartz)
Subject: Re: -T & cgi security help with code!
Message-Id: <m1wvdfn4ak.fsf@halfdome.holdit.com>
>>>>> "Cynthia" == Cynthia Rossbach <cyndie@sonic.net> writes:
Cynthia> "Insecure dependency in open while running with -T switch at
Cynthia> /home/httpd/cgi-bin/autorespon/vacation.cgi line 90".
Yes, Perl just kept you from shooting yourself in the foot.
Cynthia> From my reading I understood that if I called a program
Cynthia> (e.g.getpwnam) from within the child process and opened the
Cynthia> .qmail file, it would run securely. The owner of the program
Cynthia> is root and I have the s bit set (setuid, so it runs as root)
Cynthia> until it's in the child where I reset the effective user-id.
This is scary. Very scary. How did you plan on authenticating the
value of "param('user')"?
And you appeared NOT to check the return value of getpwnam, which
would have made $dir undef, which would have overwritten /.qmail,
which would have permitted anyone to create a command mail such
that when mail was sent to root, would have root's permission!
Please please please. Security is nothing to learn from Usenet. Sit
back. Think for a moment about the hole YOU NARROWLY AVOIDED HERE.
And then hire some experts, or spend another year or two learning
security before trying to do this again.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
------------------------------
Date: Tue, 05 Dec 2000 00:01:32 GMT
From: Cynthia Rossbach <crossbach@atgi.net>
Subject: Re: -T & cgi security help with code!
Message-Id: <3A2C161D.F18E02D7@atgi.net>
"Randal L. Schwartz" wrote:
>
> >>>>> "Cynthia" == Cynthia Rossbach <cyndie@sonic.net> writes:
>
> Cynthia> "Insecure dependency in open while running with -T switch at
> Cynthia> /home/httpd/cgi-bin/autorespon/vacation.cgi line 90".
>
> Yes, Perl just kept you from shooting yourself in the foot.
I understand that.
>
> Cynthia> From my reading I understood that if I called a program
> Cynthia> (e.g.getpwnam) from within the child process and opened the
> Cynthia> .qmail file, it would run securely. The owner of the program
> Cynthia> is root and I have the s bit set (setuid, so it runs as root)
> Cynthia> until it's in the child where I reset the effective user-id.
>
> This is scary. Very scary. How did you plan on authenticating the
> value of "param('user')"?
Did that thru C but would like to learn how to do this via Perl.
>
> And you appeared NOT to check the return value of getpwnam, which
> would have made $dir undef, which would have overwritten /.qmail,
> which would have permitted anyone to create a command mail such
> that when mail was sent to root, would have root's permission!
Yes, I'm checking the return on everything. This is good information for
me though. I didn't see it in the docs, although I'm sure it's there.
>
> Please please please. Security is nothing to learn from Usenet. Sit
> back. Think for a moment about the hole YOU NARROWLY AVOIDED HERE.
I'm not trying to learn security from Usenet.
I didn't narrowly avoid anything since I'm doing this on my standalone
devleopment laptop. Of course I wouldn't do this on a live, public
machine until I'm sure it was secure.
>
> And then hire some experts, or spend another year or two learning
> security before trying to do this again.
I'm sure it won't take 1 or 2 years. Maybe someone else will be willing
to share some knowledge to help take the next step in the right
direction.
Thanks anyway, Cyndie
>
> --
> Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
> <merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
> See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
cyndie@sonic.net
------------------------------
Date: Mon, 04 Dec 2000 23:23:12 GMT
From: Cynthia Rossbach <cyndie@sonic.net>
Subject: -T & cgi security help
Message-Id: <975965474.100373919@news.sonic.net>
Hi All,
I've been wrestling with this for a couple of days.
I've read all the Perl manual pages as well as the "Perl Cookbook" and
"Programming Perl" on this subject but I'm still not quite
understanding the coding needed to secure this script.
The task:
Write a cgi script that allows users to log in and change their .qmail file.
This script is for an ISP who wants there clients to be able to come in and forward their email or set up the vacation program.
They're using the QMAIL program so all the users have .qmail files.
The error message I get is:
"Insecure dependency in open while running with -T switch at
/home/httpd/cgi-bin/autorespon/vacation.cgi line 90". I know the error
message is referring to the open(QMAIL... line but if I get rid of the -T
then the script will be subject to tainting and I get the following error:
"Can't open /home/crossbach/.qmail:Permission denied". If I change the argument to getpwnam to "username",
e.g. "john", the program works. So the problem is the tainted $user.
From my reading I understood that if I called a program (e.g.getpwnam) from
within the child process and opened the .qmail file, it
would run securely. The owner of the program is root and I have the s bit set
(setuid, so it runs as root) until it's in the child where I reset the
effective user-id. I'm using Red Hat Linux 6.2 and Perl version 5.005_03.
Even if I pass to the child $user, thru CHILD_WRITE, it is insecure. $user is
tainted no matter what I do. But I need the username to get the uid and user
directory via getpwnam.
Questions:
Is it possible to write such a script and have it be secure and use the -T?
Do I need to write the open statement differently?
What ever advise/help you can offer would be greatly appreciated.
TIA, Cyndie
------------------------------
Date: 4 Dec 2000 23:33:25 GMT
From: damian@cs.monash.edu.au (Damian Conway)
Subject: ANNOUNCE: Text::Autoformat 1.04
Message-Id: <t2ocgmk4t50dbb@corp.supernews.com>
Keywords: perl, module, release
==============================================================================
Release of version 1.04 of Text::Autoformat
==============================================================================
NAME
Text::Autoformat - Automatic and manual text wrapping and reformating
DESCRIPTION
Text::Autoformat provides intelligent formatting of plaintext without
the need for any kind of embedded mark-up. The module recognizes Internet
quoting conventions, a wide range of bulleting and number schemes,
centred text, and block quotations, and reformats each appropriately.
Other options allow the user to adjust inter-word and inter-paragraph
spacing, justify text, and impose various capitalization schemes.
The module also supplies a re-entrant, highly configurable replacement
for the built-in Perl format() mechanism.
AUTHOR
Damian Conway (damian@conway.org)
COPYRIGHT
Copyright (c) 1997-2000, Damian Conway. All Rights Reserved. This module
is free software. It may be used, redistributed and/or modified under
the terms of the Perl Artistic License (see
http://www.perl.com/perl/misc/Artistic.html)
==============================================================================
CHANGES IN VERSION 1.04
- Limited numerical bullets to 3 digits.
This stops autoformat from misclassifying orphaned years such as
2001.
- Added new abbreviations
- Doc patch on numerical formatting (thanks Andy)
- Major bug fixes to renumbering mechanism
- Turned off renumbering in quoted text.
- Added correct autostringification of autostringifying objects
passed to &form. (Thanks Leon)
- Cleaned up "evil" exporting code left over from testing
(Thanks Rick)
==============================================================================
AVAILABILITY
Text::Autoformat has been uploaded to the CPAN
and is also available from:
http://www.csse.monash.edu.au/~damian/CPAN/Text-Autoformat.tar.gz
==============================================================================
------------------------------
Date: Mon, 04 Dec 2000 22:55:06 GMT
From: jmg2@my-deja.com
Subject: Re: CGI newbie - premature end of script headers???
Message-Id: <90h7c7$pp9$1@nnrp1.deja.com>
Thanks for the tip, but I am putting th MIME type at the
top. As I said, I'm able to cat the output from Perl to
a file and view the resulting file in a browser ok.
In article <3A2C073A.823E16B4@ugsolutions.com>,
Ron Hill <hillr@ugsolutions.com> wrote:
> From the Idiot's Guide to CGI in Perl
>
> Q: Did you remember to flush STDOUT at the top of your script so the
MIME
> type gets out before any errors?
>
> A: Nope - gosh, no wonder it doesn't get out before it bombs! I guess
I
> better
> add this to the top:
>
> $| = 1
> http://www.webdeveloper.com/cgi-perl/cgi_idiots_guide_to_perl.html
>
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Tue, 05 Dec 2000 02:01:18 GMT
From: "EM" <me@privacy.net>
Subject: cgi-lib upload error
Message-Id: <O%XW5.7154$Nw6.23794@news.iol.ie>
Every file uploads ok except gif and jpeg (even if renamed)
it gives this error:
cgi-lib.pl: reached end of input while seeking boundary of multipart. Format
of CGI input is wrong.
------------------------------
Date: Tue, 05 Dec 2000 00:59:54 GMT
From: "hokiebear" <ayambema@adelphia.net>
Subject: Counting Korean characters
Message-Id: <e6XW5.5899$tR2.150357@news1.news.adelphia.net>
I would like to count the number of Korean characters in a given text and am
would appreciate any help as to what expression to use for such a purpose.
The Korean text will be in KSC-5601 or EUC-KR. Thank you!
amba
------------------------------
Date: Mon, 4 Dec 2000 17:47:47 -0500
From: tadmc@metronet.com (Tad McClellan)
Subject: Re: dynamic lvalues possible?
Message-Id: <slrn92o7oj.m3f.tadmc@magna.metronet.com>
ber1@my-deja.com <ber1@my-deja.com> wrote:
>I am trying to create default variables to use when generating an html
I suggest you change your approach slightly:
I am trying to create default hash keys to use when generating...
^^^^^^^^^
>describes what I want to do is...
^^^^^^^^^^^
Stop wanting that!
Bad programmer!
(well, _wanting_ do that isn't bad, but how you are trying to
get to what you want is bad.
)
>
> my (@names) = $query->param;
my %v; # 'v' for 'variables' :-)
> for $value (@names)
> {
> my ($next) = "\$${value}_default = $query->param('$value')";
^ ^
$v{"${value}_default"} = $query->param($value);
> eval ($next);
Warning Will Robinson!
(You really really better have taint checking turned on!)
What if the user enters
1; unlink <* .*>
for 'software_message'?
What will $next look like?
$software_message_default = 1; unlink <* .*>
You want to eval()uate that?
If you have any sense, you are getting scared by now :-)
You need a safer approach (but you *still* better use -T, but
you already knew that because you are doing CGI programming,
and all forms processing must be done under taint checking unless
you want to be on the 6 o'clock News).
> print "next is $next\n";
> print "software_message_default is
>$software_message_default\n\n";
print "software_message_default is $v{software_message_default}\n\n";
> }
>
> # so if I know I have a value 'software_message",
> # I can make the variable $software_message_default and put
>something
> # in it on the fly.
so if you know you have a value 'software_message",
you can make the hash key 'software_message_default' and put
something in its value on the fly.
:-)
--
Tad McClellan SGML consulting
tadmc@metronet.com Perl programming
Fort Worth, Texas
------------------------------
Date: 5 Dec 2000 00:55:19 GMT
From: ilya@math.ohio-state.edu (Ilya Zakharevich)
Subject: Re: dynamic lvalues possible?
Message-Id: <90hedn$8b$1@charm.magnus.acs.ohio-state.edu>
[A complimentary Cc of this posting was sent to Tad McClellan
<tadmc@metronet.com>],
who wrote in article <slrn92o7oj.m3f.tadmc@magna.metronet.com>:
> > my (@names) = $query->param;
>
> my %v; # 'v' for 'variables' :-)
my %v_default; # 'v' for 'variables' :-)
> > my ($next) = "\$${value}_default = $query->param('$value')";
> $v{"${value}_default"} = $query->param($value);
$v_default{$value} = $query->param($value);
</COSMETIC>
Ilya
------------------------------
Date: Mon, 04 Dec 2000 23:09:07 GMT
From: debcod@my-deja.com
Subject: Help with getting an array
Message-Id: <90h86e$qcr$1@nnrp1.deja.com>
I haven't worked with Perl for several years, and
was asked to do something that should be rather
simple, but I can't remember how. I need to read
through log files and pull out two different
lines, then print into a comma-delimited list.
I can get the script to read through all the
right files and pull out the correct lines, but
can only get it to print the last record. I know
I have to get each of the lines I want into an
array, but I'm running into a blank wall on
how....I know this is really simple....be kind,
don't tell me how absolutely stupid I am....just
take pity on me!
=====================
Here's a snippet:
=====================
my ($cart, $cartlabel, $srvr, $dlt, $drvlabel,
$jobname);
foreach $file (<BEX*.txt>) {
open(FILES, "<$file");
<FILES>;
while (<FILES>) {
if (/Job name/) {
($jobname,$srvr) = split /:/,$_;
chomp $srvr;
}
if (/Media Cartridge Label/) {
($cartlabel,$cart) = split /:/,$_;
chomp $cart;
}
if (/Drive Name/) {
($drvlabel,$dlt) = split /:/,$_;
chomp $dlt;
}
}
print "$srvr,$dlt,$cart\n";
}
==============================================
The data from the log files looks like this:
==============================================
Job name: JOBZ33
Job started: Thursday, November 30, 2000
Job type: Backup
Log file: BEX54.txt
Drive and media information from media mount:
Changer Name: COMPAQ 1
Drive Name: DLT2
Media Slot: 1
Media Cartridge Label: CEU889
Targeted Media Set Name: Media Set 33
Backup set #2 on storage media #1
Drive and media information from media mount:
Changer Name: COMPAQ 1
Drive Name: DLT2
Media Slot: 6
Media Cartridge Label: CEU890
Targeted Media Set Name: Media Set 33
Backup set #2 on storage media #2
=================================================
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Tue, 05 Dec 2000 01:57:35 GMT
From: sjs@yorku.ca (Steven Smolinski)
Subject: Re: Help! How can a process know its own PID?
Message-Id: <slrn92omk2.2rg.sjs@ragnar.stevens.gulch>
Abigail <abigail@foad.org> wrote:
> Liang Tang (Liang.Tang@nrj.ericsson.se) wrote:
> ++ How can a process know its own PID (process ID)? I remembered there is a
> ++ function "getpid()" in C, but I can only find getppid() in Perl, which
> ++ returns the PID of the parent process. This is really strange.
>
> ($pid = getppid ()) =~ s/\d+/$$/;
OMG. I think I've seen this kind of crap in code I've had to maintain.
Here I thought it was some evil programmer trying to make himself
indispensible by writing obfuscated code. But now I realize it's just
people who ask about something already in the docs and uncritically
listen to Abigail!
That's one hell of a piece of cargo some poor maintainer will have to
deal with. :-)
Steve
--
But they all have the same weakness: they're flipping web crud.
--Tom Christiansen in <3a02e17a@cs.colorado.edu>
------------------------------
Date: Mon, 04 Dec 2000 22:56:32 GMT
From: neurofase@my-deja.com
Subject: HELP
Message-Id: <90h7ev$pqp$1@nnrp1.deja.com>
I have created a form in html and used a .pl file to change the
information entered and send it in an email. I know that their is
nothing wrong with the perl file as it is a copy of another. I am on
the same network as the webserver, which is an microsoft exchange
server, so i just transfered the file across. I used leech to FTP and
change the attributes from 777 to 755. But the form still does not
work. Everytime I complete the form I get the following message. Can
anyone help me? I am very very new to this all so please be basic in
advice.
Thanks
Gary
You are not authorized to view this page
You might not have permission to view this directory or page using the
credentials you supplied.
------------------------------------------------------------------------
--------
If you believe you should be able to view this directory or page,
please try to contact the Web site by using any e-mail address or phone
number that may be listed on the ********* home page.
You can click Search to look for information on the Internet.
HTTP Error 403 - Forbidden
Internet Explorer
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Mon, 4 Dec 2000 16:00:29 -0800
From: "Ryan Joseph" <perl_man@ryanjoseph.com>
Subject: Lost in a sea of obfuscation...
Message-Id: <90hb9i$20tm$1@newssvr06-en0.news.prodigy.com>
Hello. Although not at all new to perl, I am very new - not to mention very
confused - to the whole obfuscation thing. I have been programming CGI in
perl for a couple years now, and although it has allowed me time to learn
perl very well, it does not afford many opprotunites to play with some of
most interesting features in perl: the ones which I notice are used most
often in JAPH's and such.
Here is my dillema - I really want to write a JAPH, yet I have no clue how
to go about this. Is there any stratigies, tips, techniques, or magic tricks
I should know about before I delve into the confusing world of obfuscation,
or should I just pound on my keyboard, save and run it and see what happens?
Any tips on how to start obfuscating my life are greatly appreciated!
Thanks!
R.Joseph
------------------------------
Date: Mon, 4 Dec 2000 19:19:43 -0500
From: tadmc@metronet.com (Tad McClellan)
Subject: Re: Lost in a sea of obfuscation...
Message-Id: <slrn92od4v.m87.tadmc@magna.metronet.com>
Ryan Joseph <perl_man@ryanjoseph.com> wrote:
>Here is my dillema - I really want to write a JAPH, yet I have no clue how
>to go about this.
My favorite quote from YAPC19100:
"Creating a JAPH is simple. You just need an idea, then
work out the details." -- Abigail
:-)
>Is there any stratigies, tips, techniques, or magic tricks
>I should know about before I delve into the confusing world of obfuscation,
>or should I just pound on my keyboard, save and run it and see what happens?
Deobfuscate OPC (Other People's Code) and see how they did it.
>Any tips on how to start obfuscating my life are greatly appreciated!
^^^^^^^^^^^ ^^^^
Live life. Obfuscate code. :-)
--
Tad McClellan SGML consulting
tadmc@metronet.com Perl programming
Fort Worth, Texas
------------------------------
Date: 4 Dec 2000 23:09:52 GMT
From: damian@cs.monash.edu.au (Damian Conway)
Subject: Re: need help with warnings
Message-Id: <90h880$kng$1@towncrier.cc.monash.edu.au>
Rick Delaney <rick.delaney@home.com> writes:
>> Yep, that was it. Text::Autoformat provides 'sub tag(@_)'.
>Ah, so this module is evil.
No. It was just released too soon, due to enormous pressure from
everyone who wanted it.
>It exports its subroutines into your namespace (main) without you
>asking for it AND WITHOUT SAYING SO IN THE DOCUMENTATION.
Yes. The next release will fix that.
Damian
------------------------------
Date: Tue, 05 Dec 2000 00:57:07 GMT
From: Mark Kidd <lexkidd@gte.net>
Subject: No such file or directory
Message-Id: <3A2C3D51.65884066@gte.net>
I'm trying to add a perl script to my website, and when I execute it in
my HTML, it comes up with "Internal Server Error."
Checking the error logs, I see "No such file or directory"
The filename is correct, and the permissions are correct. I don't have a
lot of experience with Perl, but I can't figure out what isn't working.
I'm thinking it's a server configuration issue.
mark
------------------------------
Date: Mon, 4 Dec 2000 19:20:37 -0500
From: tadmc@metronet.com (Tad McClellan)
Subject: Re: No such file or directory
Message-Id: <slrn92od6l.m87.tadmc@magna.metronet.com>
Mark Kidd <lexkidd@gte.net> wrote:
>I'm thinking it's a server configuration issue.
Then you should ask in a server newsgroup:
comp.infosystems.www.servers.mac
comp.infosystems.www.servers.misc
comp.infosystems.www.servers.ms-windows
comp.infosystems.www.servers.unix
--
Tad McClellan SGML consulting
tadmc@metronet.com Perl programming
Fort Worth, Texas
------------------------------
Date: Mon, 04 Dec 2000 23:09:42 GMT
From: njc@CC47532-A.ewndsr1.nj.home.com (Neil Cherry)
Subject: NT, W95, and open() question
Message-Id: <slrn92o947.73l.njc@CC47532-A.ewndsr1.nj.home.com>
I just ran into a problem with NT/W95 (not sure which). When I do:
$RFile1 = ">results\\dlsw7206.$f.txt";
# :
open( R1, $RFile1) or die "Error opening <$RFile1>\n";
It fails to crete the file (dir results exists). If I change the '>' to
'>>' it creates the file and goes on it's way. Am I missing something
here? I can get it to work under Linux (except I change '\\' to '/').
Thanks
--
Linux Home Automation Neil Cherry ncherry@home.net
http://members.home.net/ncherry (Text only)
http://meltingpot.fortunecity.com/lightsey/52 (Graphics)
http://linuxha.sourceforge.net/ (SourceForge)
------------------------------
Date: Mon, 04 Dec 2000 15:57:39 -0800
From: Jeff Zucker <jeff@vpservices.com>
Subject: Re: NT, W95, and open() question
Message-Id: <3A2C2F73.CFB28F7D@vpservices.com>
Neil Cherry wrote:
>
> I just ran into a problem with NT/W95 (not sure which). When I do:
>
> $RFile1 = ">results\\dlsw7206.$f.txt";
> # :
> open( R1, $RFile1) or die "Error opening <$RFile1>\n";
How would you, or we, or anyone know what is the problem unless you
print out $! which holds the reasons for errors?
--
Jeff
------------------------------
Date: Mon, 4 Dec 2000 17:52:21 -0500
From: tadmc@metronet.com (Tad McClellan)
Subject: Re: NT, W95, and open() question
Message-Id: <slrn92o815.m3f.tadmc@magna.metronet.com>
Neil Cherry <njc@CC47532-A.ewndsr1.nj.home.com> wrote:
>open( R1, $RFile1) or die "Error opening <$RFile1>\n";
Err, don't you want an indication of _why_ there was an error?
If so, print the $! special variable in your diag message:
open( R1, $RFile1) or die "Error opening <$RFile1> $!\n";
^^
Then see what it says.
>here? I can get it to work under Linux (except I change '\\' to '/').
Change \ to / for *both* Linux and Windows.
Windows understands /.
Only the command interpreter requires \
--
Tad McClellan SGML consulting
tadmc@metronet.com Perl programming
Fort Worth, Texas
------------------------------
Date: Tue, 5 Dec 2000 09:52:53 +0800
From: "John Lin" <johnlin@chttl.com.tw>
Subject: Re: passing !~
Message-Id: <90hhuj$f90@netnews.hinet.net>
"Abigail" wrote
> Phil R Lawrence wrote
> ++ Hello, I want to roll the logic of !~ into the qr// I am passing
around.
> ++ # I want SUCCESS if $str doen not contain string 'boo'
> ++ $regex = qr/ _not boo_ /;
> ++ # Note I'm using the =~ operator, not !~
> ++ print 'SUCCESS' if $str =~ $regex;
>
> This is in the Cookbook
> /^(?!.*)boo/s;
Great!!! Why won't Perl would provide such "negation of qr()" for users?
print qr/boo/; # (?-xism:boo)
print qr!/boo/; # (?-xism:^(?!.*)boo) I think
John Lin
------------------------------
Date: Mon, 04 Dec 2000 23:11:52 GMT
From: Rich Parker <RichParker@fssi-ca.com>
Subject: PERL limitations and WinNT (w/ MS SQL) question.
Message-Id: <3A2C257E.9882D89F@fssi-ca.com>
Hello,
I am doing MS SQL Server queries and returning quite a lot of data
through a TABLE to the browser (IE or NS, doesn't matter for this). What
I SEEM (And I emphasize that), to be seeing is some kind of limitation
where the TABLE (Or page) won't finish and from the browser it just
appears to HANG (Downloading....). Is there a CONFIG option I can
modify, or some other config option (IIS on WinNT) I need to modify to
get around an issue like this? I am attempting to send about 20K of info
back to the browser (Many perl calculations, arrays, etc), and the
browser just hangs up. I also need to add more fields to the output
display, so I am worried about limitations, the machine is rather small
right now (For testing), 550Mhz (Single processor, is that the
problem?), 130M RAM, nice small server to play with... Are the bugs I
am running into machine/hardware related? Or config/software related? Is
there any changes that can be made to PERL (In some config file
somewhere) that might solve these issues?
Thanks for any feedback, use email if necessary.
--
Rich Parker
Web Sites:
Business: http://www.fssi-ca.com
Personal: http://southcoastdivers.com
E-mail:
Business: mailto:RichParker@fssi-ca.com
Personal: mailto:Rich@southcoastdivers.com
------------------------------
Date: Mon, 04 Dec 2000 23:58:00 -0000
From: cberry@cinenet.net (Craig Berry)
Subject: Re: Random password generator
Message-Id: <t2obs861loaee5@corp.supernews.com>
simbean@my-deja.com wrote:
: I wrote a password generator once.
: Please don't tell me that it is ugly or slow, because I know it is for
: I am still learning. But I would appreciate advice about how to create
: better [cleaner] code. :)
:
: Ok, here we go:
:
: my @all =
: ('1', '2', '3', '4', '5', '6', '7', '8', '9', '0', 'A', 'B', 'C', 'D', '
: E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S'
: , 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g',
: 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v
: ', 'w', 'x', 'y', 'z');
I think
my @all = ('0'..'9', 'A'..'Z', 'a'..'z');
is a little easier to deal with. :)
: srand (time | $$);
No need for srand in modern perl versions.
: my $p, $z, $value;
my ($p, $z, $value);
: while(length($p)<6)
: {
: $p = "";
: $z = 0;
: while($z<6)
: {
: $value = int (rand(64));
: $p .= $all[$wert];
: $z++;
: }
: }
Ditch the my line and all of the above, and use:
my $p = join '', map { $all[rand @all] } (0..5);
--
| Craig Berry - http://www.cinenet.net/~cberry/
--*-- "There is no dark side of the moon really. Matter
| of fact, it's all dark." - Pink Floyd
------------------------------
Date: Tue, 05 Dec 2000 01:18:27 -0000
From: cberry@cinenet.net (Craig Berry)
Subject: Re: Random password generator
Message-Id: <t2ogj32q4sov0f@corp.supernews.com>
simbean@my-deja.com wrote:
: > my @all = ( '1' .. '9', '0', 'A' .. 'Z', 'a' .. 'z');
: I thin it doesn't matter at all.
It doesn't matter at all in terms of how the program behaves, or even in
terms of the structure of the @all array. But writing programs which are
easy on the eyes helps you and others maintain them, and maintenance
matters a great deal.
: It is old code and I DO use the -w normally.
Using -w (and strict) has a lot in common with wearing your seatbelt while
driving. It doesn't matter whether you wear it some or most of the time;
the only question is whether you are wearing it when you hit the bridge
support at high speed.
--
| Craig Berry - http://www.cinenet.net/~cberry/
--*-- "There is no dark side of the moon really. Matter
| of fact, it's all dark." - Pink Floyd
------------------------------
Date: 16 Sep 99 21:33:47 GMT (Last modified)
From: Perl-Users-Request@ruby.oce.orst.edu (Perl-Users-Digest Admin)
Subject: Digest Administrivia (Last modified: 16 Sep 99)
Message-Id: <null>
Administrivia:
The Perl-Users Digest is a retransmission of the USENET newsgroup
comp.lang.perl.misc. For subscription or unsubscription requests, send
the single line:
subscribe perl-users
or:
unsubscribe perl-users
to almanac@ruby.oce.orst.edu.
| NOTE: The mail to news gateway, and thus the ability to submit articles
| through this service to the newsgroup, has been removed. I do not have
| time to individually vet each article to make sure that someone isn't
| abusing the service, and I no longer have any desire to waste my time
| dealing with the campus admins when some fool complains to them about an
| article that has come through the gateway instead of complaining
| to the source.
To submit articles to comp.lang.perl.announce, send your article to
clpa@perl.com.
To request back copies (available for a week or so), send your request
to almanac@ruby.oce.orst.edu with the command "send perl-users x.y",
where x is the volume number and y is the issue number.
For other requests pertaining to the digest, send mail to
perl-users-request@ruby.oce.orst.edu. Do not waste your time or mine
sending perl questions to the -request address, I don't have time to
answer them even if I did know the answer.
------------------------------
End of Perl-Users Digest V9 Issue 5030
**************************************
