[23513] in Perl-Users-Digest
Perl-Users Digest, Issue: 5722 Volume: 10
daemon@ATHENA.MIT.EDU (Perl-Users Digest)
Wed Oct 29 00:06:01 2003
Date: Tue, 28 Oct 2003 21:05:07 -0800 (PST)
From: Perl-Users Digest <Perl-Users-Request@ruby.OCE.ORST.EDU>
To: Perl-Users@ruby.OCE.ORST.EDU (Perl-Users Digest)
Perl-Users Digest Tue, 28 Oct 2003 Volume: 10 Number: 5722
Today's topics:
Avoiding multiple cgi instances (brendan)
Re: Avoiding multiple cgi instances (Sam Holden)
Re: Avoiding multiple cgi instances <REMOVEsdnCAPS@comcast.net>
Re: building a e-commerce site <x@boog.co.uk>
Re: building a e-commerce site <REMOVEsdnCAPS@comcast.net>
Can't do setuid and file permision denied errors (Chris)
Re: Can't do setuid and file permision denied errors <usenet@morrow.me.uk>
Re: Can't do setuid and file permision denied errors <grazz@pobox.com>
Re: Finding out if a string has a trailing slash (David Efflandt)
Re: Finding out if a string has a trailing slash <REMOVEsdnCAPS@comcast.net>
Re: help... this perl is different... null values are c <REMOVEsdnCAPS@comcast.net>
Re: help... this perl is different... null values are c <uri@stemsystems.com>
Re: help... this perl is different... null values are c <jwillmore@remove.adelphia.net>
Interactive sessions on another box from Win32 <jcall@ellijay.com>
Re: multiline regular expression, is it possible? <REMOVEsdnCAPS@comcast.net>
Re: regex for stripping HTML <user@unknown.invalid>
Re: regex for stripping HTML <REMOVEsdnCAPS@comcast.net>
Re: strange effect with [:lower:] in perl <flavell@ph.gla.ac.uk>
Re: strange effect with [:lower:] in perl <usenet@morrow.me.uk>
Using 'crypt' command in perl script giving Insecure de (Ravi Bhave)
Re: Using 'crypt' command in perl script giving Insecur <jwillmore@remove.adelphia.net>
Digest Administrivia (Last modified: 6 Apr 01) (Perl-Users-Digest Admin)
----------------------------------------------------------------------
Date: 28 Oct 2003 20:13:58 -0800
From: brendan@symonty.org (brendan)
Subject: Avoiding multiple cgi instances
Message-Id: <282ee219.0310282013.306dc59c@posting.google.com>
hi all,
I'm writing a little script that just takes a http post and adds the
post to a messageboard page.
However, I'm concerned that Apache might activate my script while a
previous invocation is still active, causing all sorts of problems
because I haven't locked them as separate transactions.
Is there a way in Perl (or Apache) to make sure that a new invocation
won't be made until the first invocation is finished?
thanks!
------------------------------
Date: 29 Oct 2003 04:42:04 GMT
From: sholden@flexal.cs.usyd.edu.au (Sam Holden)
Subject: Re: Avoiding multiple cgi instances
Message-Id: <slrnbpuh8s.v9s.sholden@flexal.cs.usyd.edu.au>
On 28 Oct 2003 20:13:58 -0800, brendan <brendan@symonty.org> wrote:
> hi all,
>
> I'm writing a little script that just takes a http post and adds the
> post to a messageboard page.
>
> However, I'm concerned that Apache might activate my script while a
> previous invocation is still active, causing all sorts of problems
> because I haven't locked them as separate transactions.
>
> Is there a way in Perl (or Apache) to make sure that a new invocation
> won't be made until the first invocation is finished?
No.
You can simply obtain a lock of some sort in the script before actually
doing anything. Exclusively locking a certain file, for example.
Or use a backend that does it all for you (a database that supports
transactions, for example).
--
Sam Holden
------------------------------
Date: Tue, 28 Oct 2003 22:53:44 -0600
From: "Eric J. Roode" <REMOVEsdnCAPS@comcast.net>
Subject: Re: Avoiding multiple cgi instances
Message-Id: <Xns9422F30B34CCCsdn.comcast@216.196.97.136>
-----BEGIN xxx SIGNED MESSAGE-----
Hash: SHA1
brendan@symonty.org (brendan) wrote in
news:282ee219.0310282013.306dc59c@posting.google.com:
> I'm writing a little script that just takes a http post and adds the
> post to a messageboard page.
>
> However, I'm concerned that Apache might activate my script while a
> previous invocation is still active, causing all sorts of problems
> because I haven't locked them as separate transactions.
>
> Is there a way in Perl (or Apache) to make sure that a new invocation
> won't be made until the first invocation is finished?
In general, this is a bad idea. You should instead do the locking. Maybe
it's extra work, but it's scalable and is generally the Right Thing to do.
- --
Eric
$_ = reverse sort $ /. r , qw p ekca lre uJ reh
ts p , map $ _. $ " , qw e p h tona e and print
-----BEGIN xxx SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBP59HyWPeouIeTNHoEQLomQCgv0ZpJRztgvMwvX1Bu+Qb75M7tq4AoLev
7AagzdRRWY9/tNGsFeKuQlJN
=OtZN
-----END PGP SIGNATURE-----
------------------------------
Date: Wed, 29 Oct 2003 00:26:35 -0000
From: "Peter Cooper" <x@boog.co.uk>
Subject: Re: building a e-commerce site
Message-Id: <bnn26q$13h3lb$1@ID-194358.news.uni-berlin.de>
"stig" <_nospam_stigerikson@yahoo.se> wrote:
> <snip>
>
> where should i begin to look to get answers to the following questions?
> 1. modeling techniques, code re-use.
> 2. presentation layer (html), how to build it fast and good, and then
> how to connect it well to the underlaying perl-scripts?
You didn't ask this, but I have found it to be, perhaps, even more important
than good Perl programming.
Good SQL programming, database design, and database management.
You claim this is going to be 'considerably larger' than what you've done
before, so a database is probably going to be pretty crucial. Of course, you
might all be database experts, in which case you'll be fine.. but if you're
not, I'd devote more energy to the database than to your Perl programming at
this early stage.
> 3. is perl a good choice at all, if not, why and what should we look for?
Amazon uses Perl. That doesn't mean it's the best choice, but it's a good
one. I'd steer clear of PHP unless you're truly in tune with it. PHP's
natural style seems to encourage people to tie together logic and
presentation, which is "bad."
You might also consider looking at using XML-RPC or Soap based RPC systems
for keeping your presentation systems and logic systems separate. This can
also help a lot with modelling and code reuse, since if you have a solid
'backend' accessible through, say, XML-RPC, it's possibly to build multiple
clients, trash existing clients, and do whatever you like.. keeping
presentation and logic truly separate.
Good luck,
Pete
------------------------------
Date: Tue, 28 Oct 2003 22:44:43 -0600
From: "Eric J. Roode" <REMOVEsdnCAPS@comcast.net>
Subject: Re: building a e-commerce site
Message-Id: <Xns9422F183C4D4Fsdn.comcast@216.196.97.136>
-----BEGIN xxx SIGNED MESSAGE-----
Hash: SHA1
stig <_nospam_stigerikson@yahoo.se> wrote in news:bnmos4$3en$1
@oden.abc.se:
> hi
> i am going to be part of building a e-commerce website, for this we
> think that perl might be the choice of language, mainly because we have
> experience from it. we have build smaller e-commerce sites, but this
> will be considerably larger.
>
> where should i begin to look to get answers to the following questions?
> 1. modeling techniques, code re-use.
> 2. presentation layer (html), how to build it fast and good, and then
> how to connect it well to the underlaying perl-scripts?
> 3. is perl a good choice at all, if not, why and what should we look
for?
>
>
> also, are there any open-source web-shops that one can begin from, and
> where can they be found?
>
> any particular book recommended?
Perl is an outstanding choice.
And a crappy choice.
It depends on a lot of things. If your server is based on unix and
apache, if you have developers who are good with mod_perl or FastCGI,
then Perl is an excellent choice, one I would recommend without
hesitation.
If your server is IIS/Windows, if your developers are more comfortable
with Java or .NET, then Perl will likely not work out well for you.
If you're starting with a blank slate, Perl/Linux/Apache is probably a
better choice than anything else. But "it depends".
- --
Eric
$_ = reverse sort $ /. r , qw p ekca lre uJ reh
ts p , map $ _. $ " , qw e p h tona e and print
-----BEGIN xxx SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBP59Fp2PeouIeTNHoEQIr8gCg5IX89z3AenGap5VVXcOQ6V0qtpEAnjS/
3t42AEHCLTkSCO1BcWvU/jXm
=clfe
-----END PGP SIGNATURE-----
------------------------------
Date: 28 Oct 2003 17:05:54 -0800
From: chrisw@lu.csi.com.ph (Chris)
Subject: Can't do setuid and file permision denied errors
Message-Id: <14142d1f.0310281705.661c55be@posting.google.com>
I hope this is the right news group to post my questions,
I'm a newbie with perl scripts and I'm having
problem running my copied script to my server. Can anybody who is
patient enough to help me with my problem?
I have a chpass.pl which is being executed by a change password web
utility page. This script tries to update a password on my linux
server /etc/shadow with a file permision rw------. my chpass.pl was
set to -rwsr-sr-x ,
with this file permission, I'm getting an error: Can't do setuid,
referer: http://.......
When I set the file permision of the chpass.pl to -rwsr-xr-x , I get
the error: file permision denied by the file /etc/shadow..
When I chmod 777 the /etc/shadow then everything works but I'm sure
its not safe to do that.. I cannot figure out how could I make this
work with the original file permission of the files shadow and
chpass.pl unchanged for I knew this was been working before with
another machine with almost a copycat of my server.
PLS..
Thanks...
------------------------------
Date: Wed, 29 Oct 2003 01:16:06 +0000 (UTC)
From: Ben Morrow <usenet@morrow.me.uk>
Subject: Re: Can't do setuid and file permision denied errors
Message-Id: <bnn4cm$t1q$1@wisteria.csv.warwick.ac.uk>
chrisw@lu.csi.com.ph (Chris) wrote:
> I have a chpass.pl which is being executed by a change password web
> utility page. This script tries to update a password on my linux
> server /etc/shadow with a file permision rw------. my chpass.pl was
> set to -rwsr-sr-x ,
> with this file permission, I'm getting an error: Can't do setuid,
> referer: http://.......
> When I set the file permision of the chpass.pl to -rwsr-xr-x , I get
> the error: file permision denied by the file /etc/shadow..
> When I chmod 777 the /etc/shadow then everything works but I'm sure
> its not safe to do that.. I cannot figure out how could I make this
> work with the original file permission of the files shadow and
> chpass.pl unchanged for I knew this was been working before with
> another machine with almost a copycat of my server.
This is a problem with the setup of your web server; I would guess
that your new machine has a newer version of Apache than the old?
The correct place to ask this is in a group appropriate to your
server; I think if your server is indeed Apache the right answer
involves using suEXEC, but don't take my word for it.
Are you *VERY* sure you *NEED* to do this? You are risking making it
completely trivial for someone to crack your machine. You must have
appropriate safeguards on who can access this web page. Your instinct
that more than 0600 on /etc/shadow is unsafe is sound; but having this
script be runnable by anyone is far more of a security risk. From the
level of your questions, I would (respectfully) suggest you do not
know enough to make this work safely.
Ben
--
It will be seen... that the Erwhonians are a meek and long-suffering people,
easily led by the nose, and quick to offer up common sense at the shrine of
logic, when a philosopher arises among them who... convinc[es] them that their
...institutions are not based on... morality. [Samuel Butler] ben@morrow.me.uk
------------------------------
Date: Wed, 29 Oct 2003 02:14:14 GMT
From: Steve Grazzini <grazz@pobox.com>
Subject: Re: Can't do setuid and file permision denied errors
Message-Id: <WnFnb.22616$294.22215@nwrdny03.gnilink.net>
Chris <chrisw@lu.csi.com.ph> wrote:
> I'm a newbie with perl scripts and I'm having
> problem running my copied script to my server. Can anybody who is
> patient enough to help me with my problem?
This isn't really the right place for this type of question. If
you're having problems installing a script somebody else wrote, you
could ask the author. Or you could ask about setuid scripts in a
newsgroup dedicated to your OS or webserver.
> my chpass.pl was
> set to -rwsr-sr-x ,
> with this file permission, I'm getting an error: Can't do setuid,
> referer: http://.......
Perl's error and warning messages are documented in the "perldiag"
manpage.
Can't do setuid
(F) This typically means that ordinary perl tried to exec
suidperl to do setuid emulation, but couldn't exec it. It
looks for a name of the form sperl5.000 in the same directory
that the perl executable resides under the name perl5.000,
typically /usr/local/bin on Unix machines. If the file is
there, check the execute permissions. If it isn't, ask your
sysadmin why he and/or she removed it.
This is kind of cryptic, but there's more info on setuid scripts and
suidperl in the "perlsec" manpage. It's still possible to configure
Perl to do setuid emulation, but this feature has been deprecated,
and will probably be removed in 5.10.
--
Steve
------------------------------
Date: Wed, 29 Oct 2003 00:38:15 +0000 (UTC)
From: efflandt@xnet.com (David Efflandt)
Subject: Re: Finding out if a string has a trailing slash
Message-Id: <slrnbpu2vn.ih4.efflandt@typhoon.xnet.com>
On Tue, 28 Oct 2003 20:23:28 +0000 (UTC), Stan Brown <stanb@panix.com> wrote:
> I need to check a user suplied string to see if it has a trailing slash, or
> not.
>
> I tried seomthing like:
>
> if( $dirname =~ m/\/$/ )
>
>
> But that's not working. What am I doing wrong?
Perhaps $dirname ends with something invisible like a carriage return on
an OS that does not recognize that as part of newline. See if this works:
$dirname =~ s/\s*$//;
if ($dirname =~ m|/$|) {
print "trailing slash\n";
}
--
David Efflandt - All spam ignored http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/
------------------------------
Date: Tue, 28 Oct 2003 22:41:16 -0600
From: "Eric J. Roode" <REMOVEsdnCAPS@comcast.net>
Subject: Re: Finding out if a string has a trailing slash
Message-Id: <Xns9422F0ED91236sdn.comcast@216.196.97.136>
-----BEGIN xxx SIGNED MESSAGE-----
Hash: SHA1
Stan Brown <stanb@panix.com> wrote in
news:bnmj80$2kq$1@reader2.panix.com:
> I need to check a user suplied string to see if it has a trailing
> slash, or not.
>
> I tried seomthing like:
>
> if( $dirname =~ m/\/$/ )
>
>
> But that's not working. What am I doing wrong?
>
"Not working" is amazingly vague and non-informative. If you want people
to help you, you must provide more detail. Do you take your car to the
mechanic and say "It's not working. What's wrong"?
Come on now.
- --
Eric
$_ = reverse sort $ /. r , qw p ekca lre uJ reh
ts p , map $ _. $ " , qw e p h tona e and print
-----BEGIN xxx SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBP59E3GPeouIeTNHoEQKrWQCfYMH6HJiQW9OIlYWjqTypxJUCC/cAoNZ2
LHBq5hT4Kwr4HBbC7HO+Vfiu
=bLV3
-----END PGP SIGNATURE-----
------------------------------
Date: Tue, 28 Oct 2003 22:52:15 -0600
From: "Eric J. Roode" <REMOVEsdnCAPS@comcast.net>
Subject: Re: help... this perl is different... null values are crashing my script.
Message-Id: <Xns9422F2CACE0B5sdn.comcast@216.196.97.136>
-----BEGIN xxx SIGNED MESSAGE-----
Hash: SHA1
"John Smith" <someone@microsoft.com> wrote in
news:K1Gnb.4036$R13.187607@ursa-nb00s0.nbnet.nb.ca:
> I've been writing a little perl in the past few years, for web server
> = CGI scripts to be more precise. Currently I am writing a script
> which is = running on a Linux machine with Apache web server with Perl
> 5.6. This is = running great for me.
>
> Today however, I was asked to write another perl script for another =
> project. This will be running on a different machine and
> unfortunately, = I don't have much info, I think it may be a on a sun
> system? Anyway, = after some debugging, I found that my script
> crashes when I use a scalar = that has a null value. For example:
>
> $temp=3D$ENV{'QUERY_STRING'};
> @pairs=3Dsplit(/&/,$temp);
>
> The first line is not a problem, but if the QUERY_STRING environment
> is = empty, the second line will crash.=20
>
> In my script, this is used to read any parameters that were sent to
> the = script from web browser URL, such as =
> http://www.domain.com/cgi-bin/app.pl?year=3D2003. And it works if
> there = are parameters, but if someone uses their web browser to
> access = http://www.domain.com/cgi-bin/app.pl, there are no
> parameters, the = QUERY_STRING environment is null, $temp is null and
> crash! :(
>
> The above is just one example. The following will do the same:
>
> my $temp;
> if($temp=3D=3D0){$a=3D1;}
>
> In both cases, the $temp scalar is empty (or null) and it causes my =
> script to crash. I have never seen this happen before, and it is not =
> happening in my other projects, only on this server. I can work around
> = this so far, but it would make life so much simpler if it wouldn't
> be = doing this.
>
> Does anyone know how I could fix this?
First and foremost, I would like to request a favor: Please do not post
MIME/multipart articles to usenet. Traditionally, you should post plain
text -- everyone expects that, and nobody (me, for example!) has to trim
out MIME stuff. TIA.
Second: What do you mean, exactly, by "crash"? In general, undefined
variables per se are harmless. If "use warnings" is in the script, they
will generate a warning -- not a fatal error. If "use warnings 'FATAL'"
is in the script, they will cause a fatal error; perhaps this is what you
mean by "crash".
Third: never EVER parse your own CGI input in production code. Always,
but ALWAYS use the excellent CGI.pm module. For example, even the two
simple lines you have posted above:
> $temp=$ENV{'QUERY_STRING'};
> @pairs=split(/&/,$temp);
contain a bug. Possibly two, depending on what you count. Really.
- --
Eric
$_ = reverse sort $ /. r , qw p ekca lre uJ reh
ts p , map $ _. $ " , qw e p h tona e and print
-----BEGIN xxx SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBP59HcGPeouIeTNHoEQIzXQCghgR6+ZaPPgxFK7+Dzme04KS0REYAn2lV
3WjJQyDYhTonkSuAQj2QJckR
=4dW6
-----END PGP SIGNATURE-----
------------------------------
Date: Wed, 29 Oct 2003 04:08:41 GMT
From: Uri Guttman <uri@stemsystems.com>
Subject: Re: help... this perl is different... null values are crashing my script.
Message-Id: <x7d6cgwurb.fsf@mail.sysarch.com>
>>>>> "JS" == John Smith <someone@microsoft.com> writes:
JS> $temp=$ENV{'QUERY_STRING'};
JS> @pairs=split(/&/,$temp);
use CGI.pm. it is portable and works. your code (of what little you
showed) is home brewed cgi and almost surely broken.
JS> The first line is not a problem, but if the QUERY_STRING
JS> environment is empty, the second line will crash.
and you use the term crash which has many meanings. your script is
broken, perl isn't.
JS> The above is just one example. The following will do the same:
JS> my $temp;
JS> if($temp==0){$a=1;}
JS> In both cases, the $temp scalar is empty (or null) and it causes
JS> my script to crash. I have never seen this happen before, and it
JS> is not happening in my other projects, only on this server. I can
JS> work around this so far, but it would make life so much simpler if
JS> it wouldn't be doing this.
there is no empty nor null value in perl. $temp is undefined. again you
say crash which is meaningless. the worst that will do is issue warnings
if warnings are enabled. you need to learn some basic perl before you go
blaming perl or the perl version.
uri
--
Uri Guttman ------ uri@stemsystems.com -------- http://www.stemsystems.com
--Perl Consulting, Stem Development, Systems Architecture, Design and Coding-
Search or Offer Perl Jobs ---------------------------- http://jobs.perl.org
------------------------------
Date: Wed, 29 Oct 2003 04:36:03 GMT
From: James Willmore <jwillmore@remove.adelphia.net>
Subject: Re: help... this perl is different... null values are crashing my script.
Message-Id: <20031028233604.67640c29.jwillmore@remove.adelphia.net>
On Wed, 29 Oct 2003 02:58:50 GMT
"John Smith" <someone@microsoft.com> wrote:
<snip>
> Today however, I was asked to write another perl script for another
> project. This will be running on a different machine and
> unfortunately, I don't have much info, I think it may be a on a sun
> system? Anyway, after some debugging, I found that my script
> crashes when I use a scalar that has a null value. For example:
If it's a *NIX box, use 'uname -a' to get information about the
machine :-) And to see how Perl was compiled for the box (*NIX or
otherwise), type 'perl -V' at the command line :-)
>
> $temp=$ENV{'QUERY_STRING'};
> @pairs=split(/&/,$temp);
>
> The first line is not a problem, but if the QUERY_STRING environment
> is empty, the second line will crash.
Use the CGI module. The module will prevent such wonderful things
like not splitting the params correctly - which _may_ be the reason
for the script failing.
<snip>
> Does anyone know how I could fix this?
Use the CGI module :-)
HTH
--
Jim
Copyright notice: all code written by the author in this post is
released under the GPL. http://www.gnu.org/licenses/gpl.txt
for more information.
a fortune quote ...
Things are more like they used to be than they are now.
------------------------------
Date: Tue, 28 Oct 2003 18:21:47 -0500
From: "John Call" <jcall@ellijay.com>
Subject: Interactive sessions on another box from Win32
Message-Id: <bnmtmb01fb1@enews1.newsguy.com>
I need to write some code on a Win32 box that will connect securely to a
linux box, su (which is interactive), and then run a command line program
which will prompt me for some input (interactive). I planned to ssh to the
box and use Expect to handle the interactive issues. I have found that
Expect is not an option on Win32.
I am only vaguely familiar with Win32 and am not sure what my options are
for connecting securely to linux box and running interactive programs on the
linux box. My own research has turned up very little. If anyone has any
ideas on this I would appreciate it.
thanks,
John
------------------------------
Date: Tue, 28 Oct 2003 17:50:59 -0600
From: "Eric J. Roode" <REMOVEsdnCAPS@comcast.net>
Subject: Re: multiline regular expression, is it possible?
Message-Id: <Xns9422BFB87EEB0sdn.comcast@216.196.97.136>
leifwessman@hotmail.com (Leif Wessman) wrote in
news:64beeaad.0310280637.4c49e659@posting.google.com:
> In php I'm doing the following:
>
> preg_match_all("/$myregexp/", $results, $matches);
>
> But I get an error. Why is this?
Perhaps you could ask in a PHP newsgroup? :-)
--
Eric
$_ = reverse sort $ /. r , qw p ekca lre uJ reh
ts p , map $ _. $ " , qw e p h tona e and print
------------------------------
Date: Tue, 28 Oct 2003 23:58:23 GMT
From: Koncept <user@unknown.invalid>
Subject: Re: regex for stripping HTML
Message-Id: <281020031858238958%user@unknown.invalid>
In article <vilain-8A69E5.10474828102003@comcast.ash.giganews.com>,
Michael Vilain <vilain@spamcop.net> wrote:
> Originally, I was using
>
> $value =~ s/<.*>//g;
>
> to strip HTML tags from a variable. It actually stripped everything
> from the first "<" to the last ">" after the ending tag. I found this
> regex in this group:
>
> $value =~ s/\<[^\<]+\>//g;
>
> and I'm trying to parse it out and figure out why it works. First off,
> some questions:
>
> - why escape the "<"? It's not one of the meta characters that has
> special meaning in a regex.
>
> - what's the difference between using ".*" to match any string and "+"
> to match a repeat of the character class "[^\<]".
>
> Just trying to deepen my understanding of regex. It's like whitewash --
> it gets more opaque with multiple coats.
>
> TIA,
>
> /MeV/
Hello. This is from the Terminal Query:
$ perldoc -q html
[quote]
Here's one "simple-minded" approach, that works for most files:
#!/usr/bin/perl -p0777
s/<(?:[^>'"]*|(['"]).*?\1)*>//gs
If you want a more complete solution, see the 3-stage
striphtml
program in http://www.cpan.org/authors/Tom_Chris-
tiansen/scripts/striphtml.gz .
[/quote]
--
Koncept <<
"Contrary to popular belief, the most dangerous animal is not the lion or
tiger or even the elephant. The most dangerous animal is a shark riding
on an elephant, just trampling and eating everything they see." - Jack Handey
------------------------------
Date: Tue, 28 Oct 2003 22:39:03 -0600
From: "Eric J. Roode" <REMOVEsdnCAPS@comcast.net>
Subject: Re: regex for stripping HTML
Message-Id: <Xns9422F08D772C6sdn.comcast@216.196.97.136>
-----BEGIN xxx SIGNED MESSAGE-----
Hash: SHA1
"Michael Vilain <vilain@spamcop.net>" wrote in news:vilain-
8A69E5.10474828102003@comcast.ash.giganews.com:
> Originally, I was using
>
> $value =~ s/<.*>//g;
>
> to strip HTML tags from a variable. It actually stripped everything
> from the first "<" to the last ">" after the ending tag. I found this
> regex in this group:
>
> $value =~ s/\<[^\<]+\>//g;
>
> and I'm trying to parse it out and figure out why it works. First off,
> some questions:
>
> - why escape the "<"? It's not one of the meta characters that has
> special meaning in a regex.
>
> - what's the difference between using ".*" to match any string and "+"
> to match a repeat of the character class "[^\<]".
>
> Just trying to deepen my understanding of regex. It's like whitewash
--
> it gets more opaque with multiple coats.
Nah, it's not that hard. There's a learning curve, sure, but you'll get
to the top of it in time.
First, you are correct about the "<" -- no need to escape it; whoever did
it wasn't thinking.
Second, it helps to translate the regex sub-expressions into English
(assuming English is your native tongue):
<.*> means: Match a less-than character, followed by as many
characters as possible, followed by a greather-than character.
<[^>]+> means: Match a less-than character, followed by as many non-
greater-than characters as possible, followed by a greater-than
character.
See the difference? . matches ANY character; [^>] matches only non-">"
characters.
Note that it is not possible in general to process HTML via regular
expressions (at least, not simple regexes). Consider the following
snippet of valid HTML:
<img src="foo.jpg" alt='<<<"cool!">>>' />
- --
Eric
$_ = reverse sort $ /. r , qw p ekca lre uJ reh
ts p , map $ _. $ " , qw e p h tona e and print
-----BEGIN xxx SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBP59EVWPeouIeTNHoEQJRGQCguzB4DdBzsa/9dmTMRm4ExzMmxBUAoIIq
bHd4Hbx8MdXgkJm3sWoUu0K1
=ADWR
-----END PGP SIGNATURE-----
------------------------------
Date: Tue, 28 Oct 2003 23:25:18 +0000
From: "Alan J. Flavell" <flavell@ph.gla.ac.uk>
Subject: Re: strange effect with [:lower:] in perl
Message-Id: <Pine.LNX.4.53.0310282307460.29335@ppepc56.ph.gla.ac.uk>
On Tue, 28 Oct 2003, Ben Morrow wrote:
> > Oh yes: the /[[:lower:]]/ regex fails to work when it's fed
> > non-upgraded iso-8859-1 characters, but works fine after forcing
> > the "upgrade".
> >
> > That would surely have to be categorised as a bug?
>
> No: well, at any rate, it's intentional and documented.
I appreciate the correction. (If you check the archives of this group
for quite some months now you'll maybe get the impression that I was
one of the few attempting to answer unicode-related questions - at
least that was starting to be /my/ impression - despite me being at
only a relatively early stage of getting to tangle with the stuff in
Perl. I sure appreciate seeing some informed input from others such
as yourself.)
> The aim is that non-Unicode-aware programs being fed non-Unicode
> data carry on working as before 5.6,
I suppose that's understandable-ish.
> and before 5.6 [[:lower:]]
> meant the same as [a-z] unless you used locale.
Well, must admit I was blissfully unaware of the existence of those
POSIX regex constructs in versions of Perl before 5.6, but I take your
point. As a 5.6 document succintly puts it:
| This document varies from difficult to understand to completely and
| utterly opaque.
Ho hum...
thanks again
------------------------------
Date: Wed, 29 Oct 2003 00:39:53 +0000 (UTC)
From: Ben Morrow <usenet@morrow.me.uk>
Subject: Re: strange effect with [:lower:] in perl
Message-Id: <bnn28p$re0$1@wisteria.csv.warwick.ac.uk>
"Alan J. Flavell" <flavell@ph.gla.ac.uk> wrote:
> On Tue, 28 Oct 2003, Ben Morrow wrote:
> > and before 5.6 [[:lower:]]
> > meant the same as [a-z] unless you used locale.
>
> Well, must admit I was blissfully unaware of the existence of those
> POSIX regex constructs in versions of Perl before 5.6, but I take your
> point.
You are of course correct... /me gets a slap on the wrist for not
checking. :)
Let us say "5.6 when not under the 'utf8' pragma", then; the behaviour
is probably the most 'correct' for those assumptions. It is also
consistent with '\w' under 5.005, which didn't match accented
characters either, unless you used an appropriate locale.
Ben
--
Every twenty-four hours about 34k children die from the effects of poverty.
Meanwhile, the latest estimate is that 2800 people died on 9/11, so it's like
that image, that ghastly, grey-billowing, double-barrelled fall, repeated
twelve times every day. Full of children. [Iain Banks] ben@morrow.me.uk
------------------------------
Date: 28 Oct 2003 18:59:33 -0800
From: rbhave@ford.com (Ravi Bhave)
Subject: Using 'crypt' command in perl script giving Insecure depedency warning and error.
Message-Id: <79523576.0310281859.44e9011b@posting.google.com>
Hi,
I have a perl script which is used to log on to a server using
username and encrypted password file and key file. The script runs
FINE when I execute it on command line passing all parameters. It gets
the file without any errors or warnings.
BUT when my program(C++ program) calls the same script(ftp_get) and
passes the required parameters it does not work. It fails at line
where 'crypt' is used and gives me error: 'Insecure depedency
in''while running setgid at ftp_get (script shown at the end) at line
21, <INF> line 1.
Please help me in fixing this error.
Any help is greatly apreciated.
Thanks in advance.
Ravi
The encrypted password file is created using 'crypt' command on Sun
solaris server. The password encrypted file is created by using
following shell script(set_ibm_password), which uses keyfile($PWCKEY).
-------------------------------------------------
#! /bin/sh
# Read in the crypt seed key:
. ibmpwckey
PWC_File=ibmpwc
echo "Enter FTP User name for IBM ? \c"
read IBM_User
echo "Enter FTP Password ? \c"
stty -echo
read IBM_password
stty echo
echo ""
echo $IBM_password | crypt $PWCKEY > $PWC_File
--------------------------------------------------------
My perl script which uses the file created by above file is as follows
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#! /usr/local/bin/perl -w
# Load the required libraries.
use Net::FTP;
$Usage="Usage: ftp_get remote_host login_name local_file remote_file
PasswdFile PasswdKeyFile";
# Get the parameters.
my( $host ) = shift || die $Usage;
my( $login ) = shift || die $Usage;
my( $local_file ) = shift || die $Usage;
my( $remote_file ) = shift || die $Usage;
my( $SeedFile ) = shift || die $Usage;
my( $PWC_File ) = shift || die $Usage;
my( $PWCKEY );
my( $PW );
open INF, $SeedFile;
while ( $Line = <INF> ) {
chomp $Line;
( $Name, $PWCKEY ) = split /=/, $Line;
if ( $Name eq "PWCKEY" ) {
break;
}
}
line 21: $PW=`crypt $PWCKEY < $PWC_File`;
chomp $PW;
print "PASSWD $PW \n";
my( $ftp ) = Net::FTP->new( $host );
$ftp->login( $login, $PW );
print "local file = $local_file Remote_file = $remote_file \n";
$ftp->get( $local_file, $remote_file )
or die "Can not get file \n";
$ftp->quit();
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
------------------------------
Date: Wed, 29 Oct 2003 04:31:26 GMT
From: James Willmore <jwillmore@remove.adelphia.net>
Subject: Re: Using 'crypt' command in perl script giving Insecure depedency warning and error.
Message-Id: <20031028233126.46d6c136.jwillmore@remove.adelphia.net>
On 28 Oct 2003 18:59:33 -0800
rbhave@ford.com (Ravi Bhave) wrote:
> Hi,
> I have a perl script which is used to log on to a server using
> username and encrypted password file and key file. The script runs
> FINE when I execute it on command line passing all parameters. It
> gets the file without any errors or warnings.
>
> BUT when my program(C++ program) calls the same script(ftp_get) and
> passes the required parameters it does not work. It fails at line
> where 'crypt' is used and gives me error: 'Insecure depedency
> in''while running setgid at ftp_get (script shown at the end) at
> line 21, <INF> line 1.
>
> Please help me in fixing this error.
> Any help is greatly apreciated.
<snip>
When this error occurs, it's normally a path issue. Try setting your
path ($ENV{PATH}) in the perl script.
Also - watch out for running Perl scripts setuid. You may want to use
the '-T' option to enable taint checking.
And, you _may_ have to write a small C wrapper to run the script
properly - but you may be able to get away with running the script
with the above suggestions.
Read perlsec (type 'perldoc perlsec' at the command line) for more
information.
HTH
--
Jim
Copyright notice: all code written by the author in this post is
released under the GPL. http://www.gnu.org/licenses/gpl.txt
for more information.
a fortune quote ...
The intelligence of any discussion diminishes with the square of
the number of participants. -- Adam Walinsky
------------------------------
Date: 6 Apr 2001 21:33:47 GMT (Last modified)
From: Perl-Users-Request@ruby.oce.orst.edu (Perl-Users-Digest Admin)
Subject: Digest Administrivia (Last modified: 6 Apr 01)
Message-Id: <null>
Administrivia:
The Perl-Users Digest is a retransmission of the USENET newsgroup
comp.lang.perl.misc. For subscription or unsubscription requests, send
the single line:
subscribe perl-users
or:
unsubscribe perl-users
to almanac@ruby.oce.orst.edu.
To submit articles to comp.lang.perl.announce, send your article to
clpa@perl.com.
To request back copies (available for a week or so), send your request
to almanac@ruby.oce.orst.edu with the command "send perl-users x.y",
where x is the volume number and y is the issue number.
For other requests pertaining to the digest, send mail to
perl-users-request@ruby.oce.orst.edu. Do not waste your time or mine
sending perl questions to the -request address, I don't have time to
answer them even if I did know the answer.
------------------------------
End of Perl-Users Digest V10 Issue 5722
***************************************
