Need help with a login script
I know this topic is beaten to death, and then some, but I was wondering if someone could help me figure out what is wrong with my login script. No matter if I try to login with a valid credentals or not it says that the login has failed. I'm sure it has something to do with the way that I am compairing what the user provides with what is in the database but I can't figure out exactly what it is. Here is my working code: #!/usr/bin/perl -T use warnings; use strict; use diagnostics; use CGI qw(:standard); use DBI; BEGIN { $|=1; use CGI::Carp('fatalsToBrowser'); } delete @ENV{ 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; my @user; #...@user deals with username and password in this case my $dbh; sub db_connect { use constant username = 'AmeriVista'; use constant password = 'pfVjBaseBNCD42GV'; my $database = 'VistaCloud'; my $server = 'localhost'; my $errors; my $dsn = DBI:mysql:database=$database;host=$server;port=3306 || die Couldn't Connect to the Database: $!; $dbh = DBI-connect($dsn, username, password, {RaiseError = 1}) || die Couldn't authenticate to the Database: $!; } db_connect (); my $cookie = cookie(-name='sessionID', -value=@user, -expires='+2h', -path='/cgi-bin', -domain='vendion.dyndns.org', -secure=1); print header(-cookie=$cookie); print start_html (-title=AmeriVista Event Logging, -author='vend...@vendion.net'); print h1AmeriVista Event Logging/h1\n; print hr; if (param) { form_verify (@user); print Username: $user[0]\nbr /Password: $user[1]br /\n; #use for debugging my $sth = $dbh-prepare(SELECT * FROM Users WHERE 'UserName' = '$user [0]' AND 'Password' = '$user[1]'); #check that username and password exist and match $sth-execute(); my @Login = $sth-fetchrow_array(); $sth-finish(); if (($Login[2] eq $user[0]) ($Login[3] eq $user[1])) { print pHello $user[0]!/p\n; #debugging use only, will add on later } else { print pLogin Failed!/p\n; print Username: $user[0]\nbr /Password: $user[1]\n; #use for debugging } } else { print start_form; print_form(); print end_form, \n; } sub form_verify { $user[0] = param('UserName'); if ( $user[0] =~ /^([...@\w.]+)$/ ) { $user[0] = $1; } else { die Incorrect username format given; } $user[1] = param('Password'); if ( $user[1] =~ /^([...@\w.]+)$/ ) { $user[1] = $1; } else { die Incorrect password format given; } return @user; } sub print_form { print div align='center'\n; print table width='25%' border=1 summary='Log in'\n; print td align='left' valign='middle'\n; print pLogin Data/p\n; print pUsername: , textfield(-name='UserName', -maxlength=120), \n; print br\n; print Password: , password_field(-name='Password', -maxlength=120), /p\n; print a href=\register.cgi\ title=\Click here to register! \Click Here to Register!/a\n; print br\n; print submit(-name='Submit_Form', -value='Submit'); print reset, \n; print /td\n; print /table\n; print /div\n; } print end_html, \n; To see it in action I have it uploaded at http://vendion.dyndns.org/cgi-bin/index.cgi Username: test Password: password -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Showing errors with user input
Greg Jetter wrote: start by checking the content of @errors inside the print_form sub. with a print statement and exit. Greg Thanks for that, now that is working correctly I guess I didn't need to go through the array like I was trying. -- We must plan for freedom, and not only for security, if for no other reason than only freedom can make security more secure. Karl Popper -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Showing errors with user input
Greg Jetter wrote: You are trying to use a local scoped var as a global , line 93 $GoodMail is used out of its scope , if ( $user[5] =~ /^([...@\w.]+)$/ ) { $user[5] = $1; eval { my $GoodMail = Email::Valid-address( -address = $user[5], - mxcheck = 1); return; } #push @errors, pError: Double check your email address/p if $@; $user[5] = $GoodMail; } it should read if ( $user[5] =~ /^([...@\w.]+)$/ ) { my $GoodMail ; $user[5] = $1; eval { $GoodMail = Email::Valid-address( -address = $user[5], -mxcheck = 1); return; } #push @errors, pError: Double check your email address/p if $@; $user[5] = $GoodMail; } or even declare it up with the other globals if you want , but the way you have it now it is out of scope after that eval { } block completes. there may be other errors , fix that one first and try it again and see what else pops up. have fun Greg Ok I fixed that issue, can't even remember why I tried to declare it in the eval block I guess that is what I get for writing code while half asleep. The only other change that I made was I uncommitted out the push @errors, pError: Double check your email address/p if $@; line and here is the new error I get [Mon Dec 7 22:24:30 2009] register.cgi: Illegal character in prototype for main::form_verify : @user at register.cgi line 43. [Mon Dec 7 22:24:30 2009] register.cgi: main::form_verify() called too early to check prototype at register.cgi line 36. Content-type: text/html h1Software error:/h1 presyntax error at register.cgi line 93, near quot;pushquot; register.cgi had compilation errors. /pre p For help, please send mail to this site's webmaster, giving this error message and the time and date of the error. /p [Mon Dec 7 22:24:30 2009] register.cgi: syntax error at register.cgi line 93, near push [Mon Dec 7 22:24:30 2009] register.cgi: register.cgi had compilation errors. There is something about this push statement that Perl doesn't like, the only thing I can think of is the if $@ part. -- We must plan for freedom, and not only for security, if for no other reason than only freedom can make security more secure. Karl Popper -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Showing errors with user input
I am working on a registration page and there for want it to show the user errors it has found with their input. I have two subroutines in my code, the first one prints out the form, also takes an array with error descriptions that is passed by the other subroutine. The other subroutine takes the user input and verifies it, any errors that it finds it pushes into an array called @errors and passes that back to the first subroutine. The problem is it doesn't work right when I run it from the command line this is what I get: vend...@seserver:~/public_html/AmeriVista perl -cT register.cgi [Sun Dec 6 14:12:12 2009] register.cgi: Illegal character in prototype for main::form_verify : @user at register.cgi line 43. [Sun Dec 6 14:12:12 2009] register.cgi: Scalar found where operator expected at register.cgi line 93, near $user [Sun Dec 6 14:12:12 2009] register.cgi:(Missing semicolon on previous line?) [Sun Dec 6 14:12:12 2009] register.cgi: main::form_verify() called too early to check prototype at register.cgi line 36. Content-type: text/html h1Software error:/h1 presyntax error at register.cgi line 93, near quot;$userquot; Global symbol quot;$GoodMailquot; requires explicit package name at register.cgi line 93. register.cgi had compilation errors. /pre p For help, please send mail to this site's webmaster, giving this error message and the time and date of the error. /p [Sun Dec 6 14:12:12 2009] register.cgi: syntax error at register.cgi line 93, near $user [Sun Dec 6 14:12:12 2009] register.cgi: Global symbol $GoodMail requires explicit package name at register.cgi line 93. [Sun Dec 6 14:12:12 2009] register.cgi: register.cgi had compilation errors. I have attached my code for the script, if someone could look at it and give some ideas as to how to make this work or a better way then please do -- We must plan for freedom, and not only for security, if for no other reason than only freedom can make security more secure. Karl Popper register.cgi Description: Perl program -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Web photo album, is this possible in CGI
It seems that my posts haven't been making it to the list, or have been moderated for some reason. I would like to thank everyone for their replies to my question I have have a starting place up and running. One question that is bugging me now is how to link to an external javascript file in the html header of the script? The page is here http://vendion.net/cgi-bin/photoviewer.cgi but as you can see I have the javascript directly in my page print start_html(-title=Photo Viewer v$version, -author='vend...@vendion.net', -meta={'copyright'='copyright 2009 Adam Jimerson'}, -style={'src'='/default.css'}, -script=$jscript); To get the javascript in the $jscript variable I am currently using a here doc statement. I'm sure due to the length of my javascript code it is slowing down my page being made. If linking to the code in the header is possible then I'm sure it would be better than what I have now. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Web photo album, is this possible in CGI
Hi all, I am wanting to put something together where every time the script executes it looks into a set directory for photos and then builds a web page with those photos, or even a enlargeable thumbnail of the photo, in kind of a photo album way. I don't know if something like this can be done in CGI or not, and figure I would ask and see what everyone here says before I give it a try, if it is possible maybe someone would have any tips or pointers that would be helpful. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Opening a pipe when taint mode is enabled
Gunnar Hjalmarsson wrote: How would I allow for spaces but not newlines By including a space in the regex, just as Mike showed you in another reply. http://www.nntp.perl.org/group/perl.beginners.cgi/2009/01/msg13364.html Oh my USENET client didn't have the space in his reply. This is the reason that I am doing it so I can learn, I learn better by doing so by doing this and making mistakes (and fixing them) is a lot better for me than just reading about it. Sorry but reusing code from the CPAN is nice, but doesn't really help me learn. It depends on what it is you want to learn. In any case, a program with which you invite the world to submit things to your system is not a good learning environment. Which I am glad that that was pointed out to me so it could be fixed. This list is rather quiet, but make that comment on the beginners list, and you'll see what I mean. ;-) -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Opening a pipe when taint mode is enabled
Gunnar Hjalmarsson wrote: Adam Jimerson wrote: On Jan 11, 8:21 am, nore...@gunnar.cc (Gunnar Hjalmarsson) wrote: Adam Jimerson wrote: It seams I over looked the space, is it possible to include spaces in the search string? Of course it is. What you call search string is a regular expression. Obviously you have some reading to do: http://perldoc.perl.org/perlrequick.html http://perldoc.perl.org/perlretut.html http://perldoc.perl.org/perlre.html Yea I looked it up and all I needed to do was add \s for whitespaces, Which would also allow for newlines. That sounds dangerous to me, and is an example why it's not a good idea to write your own code, that allows the world to submit data to your system, before you really know what you are doing. How would I allow for spaces but not newlines in a textbox like the one that I use obtain the name? This is the reason that I am doing it so I can learn, I learn better by doing so by doing this and making mistakes (and fixing them) is a lot better for me than just reading about it. Sorry but reusing code from the CPAN is nice, but doesn't really help me learn. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Opening a pipe when taint mode is enabled
On Jan 11, 8:21 am, nore...@gunnar.cc (Gunnar Hjalmarsson) wrote: Adam Jimerson wrote: Gunnar Hjalmarsson wrote: You don't say what to do if the untainting fails. This code: if ($name =~ /^([...@\w.]+)$/) { $name = $1; }; should better be: if ($name =~ /^([...@\w.]+)$/) { $name = $1; } else { die Untainting of the name failed; } Please consider, for instance, what happens if the user submits both a first and last name. It seams I over looked the space, is it possible to include spaces in the search string? Of course it is. What you call search string is a regular expression. Obviously you have some reading to do: http://perldoc.perl.org/perlrequick.html http://perldoc.perl.org/perlretut.html http://perldoc.perl.org/perlre.html Since this is about a contact form, I can't help calling your attention to my contact form module. The link in the sig below takes you to a form that was created by that module. The whole code that is needed, given that the form has been installed, is: #!/usr/bin/perl -T use CGI::ContactForm; contactform ( recname = 'My Name', recmail = '@example.com', styleurl = '/style/ContactForm.css', ); You find the module at CPAN: http://search.cpan.org/dist/CGI-ContactForm/ Your form looks interesting, but in the long run I think it would benefit me more learning wise to fix my program. For some definition of benefit, maybe. ;-) -- Gunnar Hjalmarsson Email:http://www.gunnar.cc/cgi-bin/contact.pl Yea I looked it up and all I needed to do was add \s for whitespaces, now that that is solved and everything is working the question comes to mind (I'm sure a Google search would help me here) what about if the program handled uploaded files would they need to be untainted as well and if so how? Perlsec didn't cover that, but I figure that something like that is kind of advanced to include in a doc page. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Opening a pipe when taint mode is enabled (was: Send email using SMTP)
Gunnar Hjalmarsson wrote: Adam Jimerson wrote: According to perlsec I need to use it as a key in a hash or reference a substring. The example given is ,[ ] if ($data =~ /^([...@\w.]+)$/) { $data = $1; # $data now untainted } else { die Bad data in '$data'; # log this somewhere } ` When I tried it, using the same search string, What happened then? Show us the code and possible error messages, please. all I need is to check for alphanumeric characters to cover the name, email address and a message. Are there tainted email address and message variables also? Is there something wrong with the above search string? Only you can tell, I suppose... I attached my code for my program, the error doesn't happen until the form is filled out. The error that I get is Insecure dependency in piped open while running with -T switch at /srv/www/cgi-bin/contact line 96. All the variables that have user submitted content go through the above search string as soon as the program retrieves it. contact Description: Perl program -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Send email using SMTP
matt wrote: This is usually the result of a mismatch between the character set used by your ssh client and the locale settings of your session. Here's a link that discusses: http://help.lockergnome.com/linux/high-ascii-characters-linux-terminal- ssh-ftopict487060.html [u...@host ~]$ echo $LANG en_US.UTF-8 --make sure your SSH client character set matches this value Generally, I have found on Redhat and Suse that they now use the above by default and that setting my SSH client to use UTF-8 fixes this issue. You mean like this vend...@big-o:~ echo $LANG en_US.UTF-8 My system is using UTF-8 by default -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Send email using SMTP
Adam Jimerson wrote: I wasn't able to remember what it exactly said, but yes it is about $ENV{PATH}, on my machine perldoc perlsec is riddled with formating problems it looks like, here is a copy of what I mean: Ok adding $ENV{PATH} = ''; or even $ENV{PATH} = '/usr/bin'; (in case it needs to be pointed to an existing directory) changes the error that I get to this: Insecure dependency in piped open while running with -T switch at /srv/www/cgi-bin/contact line 87. Line 87 is where I open /usr/bin/mail for writing, how do I solve this problem? -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Send email using SMTP
Gunnar Hjalmarsson wrote: I wasn't able to remember what it exactly said, but yes it is about $ENV{PATH}, on my machine perldoc perlsec is riddled with formating problems You can always read it online: http://perldoc.perl.org/perlsec.html Do I need to specify anything for the $ENV{PATH} or do I just leave it blank It depends. You have to take into consideration whether your program relies on any of the paths. If not, it's fine to leave it blank. The only time I call something that is not a Perl function in my program, which if I understand this correctly is why I have to set $ENV{PATH}, is when I call /usr/bin/mail, but when I set $ENV{PATH} to blank or to /usr/bin I get this error Insecure dependency in piped open while running with -T switch at /srv/www/cgi-bin/contact line 87. That line is where I open the mail command for writing which I have done so like this open(MAIL, |/usr/bin/mail -s \User, $name, has left a message\ vendion) || die Can't send mail: $!; Now without the -T switch this sends the message to my local mbox on my system, its just something about it that the switch just does not like. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Send email using SMTP
Mike Williams wrote: You can read the output of perldoc perlsec on the web at: http://perldoc.perl.org/perlsec.html That will help, thanks! What version of perl are you using? What OS? I've seen similar problems with perldoc a few years ago while using perl 5.6.1 on early versions of fedora and on windows. I have version 5.10.0 of perl as for my OS its openSUSE 11.1, this is happening even in perldoc perldoc so I'm going to report it to my distro. You can also try perldoc -t perlsec which should get rid of most of the ESC... stuff. It will still leave some junk in places where perldoc is meant to display bold or underlined characters, but it should get rid of most of the terminal control stuff. Mike -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Send email using SMTP
Gunnar Hjalmarsson wrote: Adam Jimerson wrote: I solved my problem using the sendmail with the code below in my script: open (MAIL, |/usr/sbin/sendmail -t ); print MAIL From: someaddr...@somedomain\n; print MAIL To: someaddre...@somedomain\n; print MAIL Content-Type: text/plain\n; print MAIL Subject: Very simple email test\n\n; print MAIL Body of the message; close (MAIL); This is kind of off topic, but are you using the -T switch on your script? When I tried to open /usr/bin/mail with that switch on I get a error message about an insecure environment command. Did it just say insecure environment? On my box it says: Insecure $ENV{PATH} ..., which means that you need to untaint the $ENV{PATH} variable. The easiest way to do that is: $ENV{PATH} = ''; Please read more about Perl security in perldoc perlsec. I wasn't able to remember what it exactly said, but yes it is about $ENV{PATH}, on my machine perldoc perlsec is riddled with formating problems it looks like, here is a copy of what I mean: Perl automatically enables a set of special security checks, called ESC[4mtaintESC[24 m ESC[4mmodeESC[24m, when it detects its program running with differing real and effective user or group IDs. The setuid bit in Unix permissions is mode 04000, the setgid bit mode 02000; either or both may be set. You can also enable taint mode explicitly by using the ESC[1m-T ESC[22mcommand line flag. This flag is ESC[4mstronglyESC[24m sugge sted for server it is like that through out the whole thing, is it like this for anyone else? Do I need to specify anything for the $ENV{PATH} or do I just leave it blank, sorry for asking but this might be faster then trying to decyhper the perldoc. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Verifying email addresses given by a user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike Williams wrote: What are you expecting to happen? Email::Valid will throw an exception if *it* encounters an error. Finding an invalid address is not an error for Email::Valid. That's its job ;-) $addr will be undefined if the email address is valid. If the email address is valid $addr will contain the validated email address. I tried your code and it worked for me. You probably want to move the definition of $addr to *before* the eval if you want to test it after the eval. Otherwise the scope of the scalar $addr is only within brackets of the eval. #my $email = 'drumm...@gmail.com'; my $email = 'test'; my $addr; eval { $addr = Email::Valid-address( -address = $email, -mxcheck = 1); }; print valid address ($addr)\n if $addr; print Invalid address ($email)\n unless $addr; Here's the output from two test runs, alternately commenting out the two addresses above: $ ./email_list_test.pl valid address (drumm...@gmail.com) $ ./email_list_test.pl Invalid address (test) Happy New Year, Mike Ok my problem with is was after it tests the email address I didn't use $addr, I reused $email instead. So if I change it to test to see if $addr is defined then I won't have this problem. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAkleLSIACgkQRMKiLy/EUZSK6wCgqRgzzIeZAgv3z0xZX6VGpWbX Q7AAoJGhfSsEJifI7dbpKAIyFcpAwION =NMPz -END PGP SIGNATURE- -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Verifying email addresses given by a user
I'm trying to make my script verify a email address that a user has given to it. I have installed and using Email::Valid but it doesn't seem to be working for it allowed this as a email address: test The way that I have it checking is by this: eval { my $addr = Email::Valid-address( -address = $email, -mxcheck = 1); }; I pretty much took this from http://search.cpan.org/~rjbs/Email-Valid-0.179/lib/Email/Valid.pm I don't know what is wrong. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: embedding a CGI script in a HTML page?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greg Jetter wrote: On Monday 15 December 2008 3:50:24 am Adam Jimerson wrote: Dermot Paikkos wrote: -Original Message- http://www.template-toolkit.org/ Mike Looking at the website and the documentation, still reading through it, I'm still not sure how to mix this with my CGI scripts to make them look like the rest of the site even though Konqueror supports the object tag, which I would think would be the last browser to support it. It may just be that I'm new to CGI so I'm having to take what I am learning and throw it out the window? I am not sure TT is what you want. If you want to run perl code from within a html tags that's not possible as far as I know. You could use Greg's suggestion of http://perl.apache.org/embperl/ or use AJAX to call your perl cgi scripts. But if you insist that you want to put you code in the page then you really want ?php Dp. I'm not trying to put perl code into the page, they way I have it now is I have the page generated by my CGI script inside another page that is using my CSS. I've tried to have my CGI script directly handle my CSS but it didn't work due to its limited support for CSS. So now I'm trying to find a better way to make my CGI script look like the rest of my site, I'm guessing this is what Template Toolkit if I can figure out how to do it, or if my solution is the best. if you decide to go with a template system , a good simple one I use quite a lot is the module HTML::Template . this allows you to have separate html template pages with place holder tags that your CGI script would process and then output to the calling browser. You could then just take your regular html page with your css stuff applied and replace those bits that have to have a calculation or other function with a template var. you then can maintain the look of your static pages with your dynamically generated pages . Greg Correct me if I am wrong but these template systems seem to only handle output from the CGI script, which would be nice if my scripts only handled output but they also need user input. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAklHALEACgkQRMKiLy/EUZTeSwCfU+LlVieDGdHCRKUL+ctSGDF7 0K4AoKwU12fat1aYvympNaDk+T4PkmK0 =g0pf -END PGP SIGNATURE- -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re:[SOLVED] embedding a CGI script in a HTML page?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike Williams wrote: I have tried that and when I tried to call up a div object, in my css (is attached) called leftcolumn, instead of getting a navy blue column on the left side of the page it is just white. Did you perhaps use 'div class='leftcolumn' ? That will not work with your stylesheet. div id='leftcolumn' *will* work Here is a little cgi program that uses CGI.pm and your style sheet to print a some stuff in a blue column on the left side of the screen: #!/usr/bin/perl use warnings; use strict; use CGI; my $q = CGI-new(); print $q-header(), $q-start_html(-title=list msg test, -style={'src'='/css/se.css'}), 'div id=leftcolumn'; for (my $i = 1; $i 26; $i++) { print $q-br(blue column line $i); } print '/div', $q-end_html(); I have tried div id but they way I tried it was different, this is how I tried it print div id=leftcolumn; print Some information; print /div; I guess that I was doing something wrong because it is working now thank you for the help - From what I see in the tutorial, http://template-toolkit.org/docs/tutorial/Web.html#section_Dynamic_Content_Generation_Via_CGI_Script , the Templete Toolkit only outputs information from the script, but I need it to handle input as well, my script I am working on is a guestbook so it needs to get the name of the guest and a message then output it, as well as save it to a log for later use by the script. Everything works but the plain white background is ugly and doesn't match the rest of my site which is why I started this thread. You seem to be under the mistaken impression that you cannot get input using CGI.pm or Template::Toolkit. That is incorrect, either of those tools allow you to generate forms that can be used to get input from the user. If you look at perldoc CGI the very first screen contains an example of how to generate a form. I know how to generate forms with CGI which is where I have been putting my forms, but I didn't think that Template::toolkit could generate a form and pass the information off to the script for processing. Hope this helps, Mike -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAklIC5sACgkQRMKiLy/EUZTjqgCgnQj5UdmboFiqq0VkmY4i6VYD m6gAn2kcHUDfKNtSk89NSqlU1w/ugrOu =WL/f -END PGP SIGNATURE- -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: embedding a CGI script in a HTML page?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dermot Paikkos wrote: -Original Message- http://www.template-toolkit.org/ Mike Looking at the website and the documentation, still reading through it, I'm still not sure how to mix this with my CGI scripts to make them look like the rest of the site even though Konqueror supports the object tag, which I would think would be the last browser to support it. It may just be that I'm new to CGI so I'm having to take what I am learning and throw it out the window? I am not sure TT is what you want. If you want to run perl code from within a html tags that's not possible as far as I know. You could use Greg's suggestion of http://perl.apache.org/embperl/ or use AJAX to call your perl cgi scripts. But if you insist that you want to put you code in the page then you really want ?php Dp. I'm not trying to put perl code into the page, they way I have it now is I have the page generated by my CGI script inside another page that is using my CSS. I've tried to have my CGI script directly handle my CSS but it didn't work due to its limited support for CSS. So now I'm trying to find a better way to make my CGI script look like the rest of my site, I'm guessing this is what Template Toolkit if I can figure out how to do it, or if my solution is the best. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAklGUpAACgkQRMKiLy/EUZRK7ACeIcy38u969ZbcgskecP4ru0db 8f0AnAqaRRqhj8r5sW4aeClU2TBoxAf9 =Zzkr -END PGP SIGNATURE- -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: embedding a CGI script in a HTML page?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike Williams wrote: On Sun, Dec 14, 2008 at 1:28 PM, Adam Jimerson vend...@charter.net wrote: On Dec 12, 12:47 pm, sdav...@mail.nih.gov (Sean Davis) wrote: Are you talking about this, http://search.cpan.org/~abw/Template-Toolkit-2.20/lib/Template.pm? If so it doesn't really say what it is for I am completely lost in how to use it for my needs. Take a look at the template toolkit web site, that may help you understand it. http://www.template-toolkit.org/ Mike Looking at the website and the documentation, still reading through it, I'm still not sure how to mix this with my CGI scripts to make them look like the rest of the site even though Konqueror supports the object tag, which I would think would be the last browser to support it. It may just be that I'm new to CGI so I'm having to take what I am learning and throw it out the window? -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAklFyJQACgkQRMKiLy/EUZRbKwCfTwPTp0k8ka7h8GxYte5w3/N4 1VEAoJWT9hcdJnLOY+P9qZr0hacuK80C =gdo5 -END PGP SIGNATURE- -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: embedding a CGI script in a HTML page?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike Williams wrote: Your first question was: Is it possible to embed a CGI scrip into a HTML page? Now you say: I'm not trying to put perl code into the page You will get better answers if you start with clearer questions. I'm sorry I guess I should have been more specific in my question, I never wanted to try and put perl code ino my HTML page, I know that that is impossible because the browser has no clue what to do with it, what I am asking about is embedding the text/html the CGI.pm generates into a page where I do have my style at. I have the page generated by my CGI script inside another page that is using my CSS. I've tried to have my CGI script directly handle my CSS but it didn't work due to its limited support for CSS. So now I'm trying to find a better way to make my CGI script look like the rest of my site, I'm guessing this is what Template Toolkit if I can figure out how to do it, or if my solution is the best. Are you using CGI.pm? If so, you can use css by adding: -style={'src'='/mystyle.css'} to the aguments of start_html: print $q-start_html(-style={'src'='/mystyle.css'}); This will cause your cgi code to use the stylesheet. I have tried that and when I tried to call up a div object, in my css (is attached) called leftcolumn, instead of getting a navy blue column on the left side of the page it is just white. If you are not using CGI.pm please specify what other module(s) you are using, or if you are just generating the html yourself (not recommended). No I am letting CGI.pm generate the HTML for me, I figured that it would be the easiest way to do it. Template toolkit is a very useful and powerful tool, but it is probably overkill if all you want to do is use stylesheets. You can do lots of other things with Template::Toolkit that may make it worth the time is takes to learn how to use it. For example, having header and footer information that appears on all of the pages on your site in a template, allowing you to make one change to the template and have that effect your entire site. You can also use template toolkit to generate static pages, so you can use templates to generate pages that do not require cgi, and re-used those templates in you cgi scripts. - From what I see in the tutorial, http://template-toolkit.org/docs/tutorial/Web.html#section_Dynamic_Content_Generation_Via_CGI_Script, the Templete Toolkit only outputs information from the script, but I need it to handle input as well, my script I am working on is a guestbook so it needs to get the name of the guest and a message then output it, as well as save it to a log for later use by the script. Everything works but the plain white background is ugly and doesn't match the rest of my site which is why I started this thread. Mike -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAklGpmQACgkQRMKiLy/EUZSx0wCfXwliS0Vfx/4/+fWdaCbtn/hu rCAAn0LB9YeTJ9oZSc5dJV+MX7kEWqzd =kr4k -END PGP SIGNATURE- body { margin:0; padding:0; line-height: 1.5em; } b { font-size: 110%; } em { color: red; } h5 { color : #ff; } #topsection { background: #fff; height: 90px; /*Height of top section*/text-align: center; } #topsection h1 { margin: 0; padding-top: 15px; } #contentwrapper { float: left; width: 100%; } #contentcolumn { margin-left: 210px; /*Set left margin to LeftColumnWidth*/ } #leftcolumn { position: absolute; top: 0; left: 0; width: 210px; /*Width of left column*/ height: auto; overflow: auto; background-color: #80; color: #fff; } #leftcolumn a { color : #FF; padding-left: 20px; } #footer { clear: left; width: 100%; background: #80; color: #00; text-align: center; padding: 4px 0; } #footer a { color: #80; } .innertube { margin: 10px; /*Margins for inner DIV inside each column (to provide padding)*/margin-top: 0; }-- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: embedding a CGI script in a HTML page?
On Dec 12, 12:47 pm, sdav...@mail.nih.gov (Sean Davis) wrote: You cannot put perl in a webpage the way that you do with PHP. However, there are a number of template engines written for and in perl that give you similar features. Take a look at Template Toolkit, as an example. Sean Are you talking about this, http://search.cpan.org/~abw/Template-Toolkit-2.20/lib/Template.pm? If so it doesn't really say what it is for I am completely lost in how to use it for my needs. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
embedding a CGI script in a HTML page?
Is it possible to embed a CGI scrip into a HTML page? I don't know if CGI scripts work in a way that allow for this, I know that in PHP this is possible, because I want to make my CGI scripts and website have a unified look but I can't get my CSS to work in any of my scripts. -- We must plan for freedom, and not only for security, if for no other reason than only freedom can make security more secure. Karl Popper -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Re: Problem with uploader
On Saturday 22 November 2008 11:23:28 pm Owen wrote: I apologize for not having the rest of your thread, but don't forget that CGI::Carp can be used, one use is in the set_message routine use CGI::Carp qw(fatalsToBrowser set_message); set_message(Please report details of this error to a href=\mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a. Thankyou.); It may not be applicable to your case, so FWIW Owen I already added CGI::Carp to the script with fatalsToBrowser but its not coming up with any kind of error when I run the script, but yet there is no uploaded file ether. I also upgraded CGI::Carp to the latest from CPAN to see if that would change something but it didn't change anything. -- We must plan for freedom, and not only for security, if for no other reason than only freedom can make security more secure. Karl Popper signature.asc Description: This is a digitally signed message part.
Re: Problem with uploader
On Friday 21 November 2008 11:23:11 am you wrote: On Tue, 2008-11-18 at 10:49 -0500, Adam Jimerson wrote: If the open failed then wouldn't the die kick in and at least say something in the server logs? Also how would one go around and get a more descriptive error message? For testing reasons the path is pointing to /tmp which is world readable and writable, as for the file it seems the script is looking for something other than what I want rereading my logs I found this: Sorry I glanced at the wrong open statement regarding the above advice. You may however want to use the cgi_error function to catch some potential problems with uploaded data. What would be the best place to place the cgi_error function, at the end of the script or replace die() with it as this how to suggests (although is is targeted more to making your own cgi_error system, but I think calling it would work the same) http://www.foo.be/docs/tpj/issues/vol3_1/tpj0301-0006.html? The CGI module creates a temporary file for the uploaded file before it is handled by your script (which would likely result in a filename like above). It may be with this implicit step that you're having problems. Check options and permissions. What exactly do I need to be looking for in options and permissions? -- We must plan for freedom, and not only for security, if for no other reason than only freedom can make security more secure. Karl Popper signature.asc Description: This is a digitally signed message part.
Re: Problem with uploader
Matthew Whipple wrote: The open must have failed. You could work on getting a more descriptive error message but I'd suggest starting with the the path and permissions. Also check to make sure existing files are handled properly. Make sure the path used is relative to its environment (if the server is chrooted or anything). If the open failed then wouldn't the die kick in and at least say something in the server logs? Also how would one go around and get a more descriptive error message? For testing reasons the path is pointing to /tmp which is world readable and writable, as for the file it seems the script is looking for something other than what I want rereading my logs I found this: upload: print() on closed filehandle OUTFILE at /srv/www/cgi-bin/upload line 47, fh1myfile.html line 46. What is with the fh1 in front of the file? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
Re: Problem with uploader
On Sunday 16 November 2008 9:10:19 pm you wrote: You'll want to look in the error log to see what is there. Sean All the Apache error logs says is print () on closed Filehandle OUTFILE at /srv/www/cgi-bin/upload line 46, but I do have the filehandle open in the script. -- We must plan for freedom, and not only for security, if for no other reason than only freedom can make security more secure. Karl Popper -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
Re: Problem with uploader
Matthew Whipple wrote: The die message would most likely be written into the server's log. A quick fix to more easily get the error messages would be using CGI::Carp, a use CGI::Carp qw(fatalsToBrowser) should show you the error on the page. Using CGI::Carp didn't produce any error in the browser and the Apache log is saying the same thing. I did update CGI::Carp to see if it would make a difference but no such luck. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
Re: Premature end of script headers
Mike Williams wrote: [EMAIL PROTECTED] wrote: Hello, i need to know the reasons for this error Premature end of script headers i checked with my http header content-type:text/html ,but i had not solved yet.. Often this happens when some error occurs in your code before you output the headers. Try putting this near the top of your script: use CGI::Carp qw(fatalsToBrowser); this will redirect fatal errors to the browser window - see perldoc CGI::Carp for more info. If neither this nor Sean's suggestion helps post your code so we can take a look. Mike I also had this problem the other day the web browser said that there was a Premature end of script headers but the Apache log said that it was a problem with permissions. Checking my script shows that I forgot to make it executable. It might be worth checking the obvious and see if you have a similar problem. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
Problem with uploader
I'm trying to make a CGI script to upload files remotely onto my server, to get around my uni blocking everything but port 80, but I have ran into a problem with it. I followed the documentation on CPAN for uploading files and did what they have suggested as the best way but it doesn't work. Here is my code: #!/usr/bin/perl use warnings; use strict; use CGI ':standard'; #Declare any variables my $radio_button; my $filename; #Generate the form print header; print start_html (File Uploader v3); print h1File Uploader/h1\n; print hr\n; print pWhich file type: /p; print radio_group(-name='File_Type', -values=['HTML', 'CGI'], -default='HTML'); print start_multipart_form(); print pFile Upload: /p; print filefield (-name='Uploaded_file', -default='Give a file', -size='50'); print brbr; print submit('Upload', 'Upload'); print reset; print endform; #Do the work $radio_button = param('File_Type'); if ( $radio_button eq HTML ) { $filename = upload('Uploaded_file'); open (OUTFILE, /tmp/uploaded.html) || die Can't open the file: $!; while ($filename) { print OUTFILE $_; } close (OUTFILE); open (MAIL, |mail -s \File Uploaded\ vendion); print MAIL A file has just been uploaded!\n; close (MAIL); } else { #Code soon to come } print end_html; Running it locally prints out the generated HTML and it looks right and the page does open correctly on my server but there is not file in /tmp and the mail is never sent and I don't know if it is a problem with opening the OUTFILE handle because the die command doesn't kick in from what I can see. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
Adding CSS to a CGI script
I am curious about adding CSS to a CGI script, lets say that this is my script ~~~ #!/usr/bin/perl use warnings; use strict; use CGI qw(:standard); print header(), start_html(Add Me); print h1(Add Me); if(param()) { my $n1 = param('field1'); my $n2 = param('field2'); my $n3 = $n2 + $n1; print p($n1 + $n2 = strong$n3/strong\n); } else { print hr(), start_form(); print p(First Number:, textfield(field1)); print p(Second Number:, textfield(field2)); print p(submit(add), reset(clear)); print end_form, hr(); } print end_html(); ~~~ Would it be possible to add CSS when handling HTML like that? -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/