Loading ...
Sorry, an error occurred while loading the content.

[PBML] Stumped!

Expand Messages
  • Greg Webster
    I ve been playing with the following script this morning and I keep getting a 500 server error when I submit a form to the userlogin subroutine. Any help
    Message 1 of 5 , Jan 1, 2000
    • 0 Attachment
      I've been playing with the following script this morning and I keep getting a
      500 server error when I submit a form to the "userlogin" subroutine. Any help
      would be appreciated. The admin subroutine functions perfectly, and perl -c
      brings up no syntax errors.

      Thanks!

      Greg


      #!/usr/bin/perl

      # SimpleUserLogin (SUL) script Copyright (c) Greg Webster 1999 & 2000

      $pathtodat = "userlogin.dat";
      $adminuser = "admin";
      $adminpass = "password";


      # Check to see if we have just come from admin form
      if ($ARGV[0] =~ "update")
      { &update; die; }

      # If not from admin form, continue on.
      # Split values
      read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
      @pairs = split(/&/, $buffer);
      foreach $pair (@pairs)
      {
      ($name, $value) = split(/=/, $pair);
      $value =~ tr/+/ /;
      $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
      $FORM{$name} = $value;
      }

      # If administrator, create administration form
      if ($FORM{USERNAME} =~ $adminuser && $FORM{PASSWORD} =~ $adminpass)
      {
      &admin;
      }

      # If not admininstrator, do the relocation
      if ($FORM{USERNAME} != $adminuser)
      {
      &userlogin;
      }

      # Create form for administrator updates
      sub admin
      {
      open (DATFILE, "$pathtodat") || die("Could not open $pathtodat");
      @datinfo = <DATFILE>;
      print "Content-type: text/html\n\n";
      print '<html><head><title>Admin SimpleUserLogin</title></head>';
      print '<body bgcolor="#99CCFF"><center>';
      print '<form action="userlogin.cgi?update" method=POST>';
      print '<textarea name="dat" rows=6 cols=40>';
      print "@datinfo\n";
      print '</textarea><br clear=all>';
      print '<input type=submit value="Update users"><input type=reset value="Reset">';
      print '</center></body></html>';
      close DATFILE;
      }

      # from admin form, do update
      sub update
      {
      # Split values
      read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
      @pairs = split(/&/, $buffer);
      foreach $pair (@pairs)
      {
      ($name, $value) = split(/=/, $pair);
      $value =~ tr/+/ /;
      $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
      $FORM{$name} = $value;
      }
      # Read file, parse it
      open (OUTDATFILE, ">$pathtodat") || die("Cannot open $pathtodat for writing");
      if ($FORM{dat} != /[A-Za-z0-9]/)
      {
      print "Content-type: text/html\n\n";
      print "Clearing the dat file is not allowed via this interface";
      die;
      }
      else
      {
      print OUTDATFILE $FORM{dat};
      }
      close OUTDATFILE;
      &admin;
      }


      # do the fairly simple relocation...the actual purpose of the script.
      sub userlogin
      {
      open (INDATFILE, "$pathtodat") || die("Could not read $pathtodat");
      @datlines = <INDATFILE>;
      foreach $line (@datlines)
      {
      @lineset = split(/::/, $line);
      if ($lineset[0] eq $FORM{USERNAME} && $lineset[1] eq $FORM{PASSWORD})
      {
      print "Content-type: text/plain\n\n";
      print "Location: $lineset[2]\n\n";
      }
      else
      {
      print "Content-type: text/html\n\n";
      print '<html><head><title>No entry</title></head>';
      print '<body bgcolor="#99CCFF"><center>';
      print '<h2>Mistyped username or password...if you have reached this page in error, please contact the administrator</h2>';
      print '</center></body></html>';
      }
      }
      die;
      }
    • Jeff Boes
      ... Well, without even looking at your code, may I refer you to the following reference: The Idiot s Guide to Solving Perl CGI Problems
      Message 2 of 5 , Jan 1, 2000
      • 0 Attachment
        > -----Original Message-----
        > From: Greg Webster [mailto:greg@...]
        > Sent: Saturday, January 01, 2000 7:08 PM
        > To: perl-beginner@...
        > Subject: [PBML] Stumped!
        >
        >
        > I've been playing with the following script this morning and I
        > keep getting a
        > 500 server error when I submit a form to the "userlogin"
        > subroutine. Any help
        > would be appreciated. The admin subroutine functions perfectly,
        > and perl -c
        > brings up no syntax errors.

        Well, without even looking at your code, may I refer you to the following
        reference:

        The Idiot's Guide to Solving Perl CGI Problems
        <ftp://ftp.epix.net/pub/languages/perl/doc/FAQs/cgi/idiots-guide.html>

        (Don't be put off by the title.)

        Also, always add this to your CGI scripts, at least until you have them
        working:

        use CGI::Carp qw(fatalsToBrowser);
        BEGIN {
        open(STDERR, '>error.log') || die "Can't open error.log, $!";
        }

        This will cause fatal errors to show up in the browser, and it will send
        error logging to the named file. In addition, you can now sprinkle messages
        like this:

        carp "Got here, loop variable is now '$i'";

        throughout your code.

        Now let's have a look at your code:

        > # Split values
        > read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
        > @pairs = split(/&/, $buffer);
        > foreach $pair (@pairs)
        > {
        > ($name, $value) = split(/=/, $pair);
        > $value =~ tr/+/ /;
        > $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
        > $FORM{$name} = $value;
        > }


        8-P Yuck. Don't reinvent the wheel here, use a CGI package of some sort.
        You can't hardly go wrong with CGI.pm. You can replace all this code with:

        use CGI qw(:standard);
        $q = new CGI;
        %FORM = map(($_, param('$_')), param());

        (The last line is just for 'comfort', as it loads the %FORM hash with
        parameter values so the rest of your code is unchanged.) This approach is
        far more maintainable, if someone else has to pick up this code and make it
        do something different.


        >
        > # If administrator, create administration form
        > if ($FORM{USERNAME} =~ $adminuser && $FORM{PASSWORD} =~ $adminpass)

        Ooh. You should be aware that doing '=~' like this is a pattern match. You
        probably want /$adminuser/ and
        /$adminpass/, and even then this probably isn't what you meant, because a
        username of 'notadmin' will match. You probably want

        if ($FORM{USERNAME} eq $adminuser && $FORM{PASSWORD} eq $adminpass)


        > # If not admininstrator, do the relocation
        > if ($FORM{USERNAME} != $adminuser)

        'ne' is better than '!=' because you want a string, not a numeric
        comparison. This is going to do something silly, like convert both sides to
        numbers first and then compare them.

        Well, that's a start. You may be able to take it from here, especially with
        the hints in your error.log file.

        ----
        "The history of ideas is the history of the grudges of solitary men."
        --E. M. Cioran
      • Ahrendt, Robert
        don t you get a 500 error when you don t set your script permissions? chmod 755 perlscript.pl
        Message 3 of 5 , Jan 3, 2000
        • 0 Attachment
          don't you get a 500 error when you don't set your script permissions?
          chmod 755 perlscript.pl

          > ----------
          > From: Jeff Boes[SMTP:jboes@...]
          > Reply To: perl-beginner@egroups.com
          > Sent: Saturday, January 01, 2000 8:25 PM
          > To: perl-beginner@...
          > Subject: [PBML] Re: Stumped!
          >
          >
          >
          > > -----Original Message-----
          > > From: Greg Webster [mailto:greg@...]
          > > Sent: Saturday, January 01, 2000 7:08 PM
          > > To: perl-beginner@...
          > > Subject: [PBML] Stumped!
          > >
          > >
          > > I've been playing with the following script this morning and I
          > > keep getting a
          > > 500 server error when I submit a form to the "userlogin"
          > > subroutine. Any help
          > > would be appreciated. The admin subroutine functions perfectly,
          > > and perl -c
          > > brings up no syntax errors.
          >
          > Well, without even looking at your code, may I refer you to the following
          > reference:
          >
          > The Idiot's Guide to Solving Perl CGI Problems
          > <ftp://ftp.epix.net/pub/languages/perl/doc/FAQs/cgi/idiots-guide.html>
          >
          > (Don't be put off by the title.)
          >
          > Also, always add this to your CGI scripts, at least until you have them
          > working:
          >
          > use CGI::Carp qw(fatalsToBrowser);
          > BEGIN {
          > open(STDERR, '>error.log') || die "Can't open error.log, $!";
          > }
          >
          > This will cause fatal errors to show up in the browser, and it will send
          > error logging to the named file. In addition, you can now sprinkle
          > messages
          > like this:
          >
          > carp "Got here, loop variable is now '$i'";
          >
          > throughout your code.
          >
          > Now let's have a look at your code:
          >
          > > # Split values
          > > read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
          > > @pairs = split(/&/, $buffer);
          > > foreach $pair (@pairs)
          > > {
          > > ($name, $value) = split(/=/, $pair);
          > > $value =~ tr/+/ /;
          > > $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",
          > hex($1))/eg;
          > > $FORM{$name} = $value;
          > > }
          >
          >
          > 8-P Yuck. Don't reinvent the wheel here, use a CGI package of some sort.
          > You can't hardly go wrong with CGI.pm. You can replace all this code with:
          >
          > use CGI qw(:standard);
          > $q = new CGI;
          > %FORM = map(($_, param('$_')), param());
          >
          > (The last line is just for 'comfort', as it loads the %FORM hash with
          > parameter values so the rest of your code is unchanged.) This approach is
          > far more maintainable, if someone else has to pick up this code and make
          > it
          > do something different.
          >
          >
          > >
          > > # If administrator, create administration form
          > > if ($FORM{USERNAME} =~ $adminuser && $FORM{PASSWORD} =~ $adminpass)
          >
          > Ooh. You should be aware that doing '=~' like this is a pattern match. You
          > probably want /$adminuser/ and
          > /$adminpass/, and even then this probably isn't what you meant, because a
          > username of 'notadmin' will match. You probably want
          >
          > if ($FORM{USERNAME} eq $adminuser && $FORM{PASSWORD} eq $adminpass)
          >
          >
          > > # If not admininstrator, do the relocation
          > > if ($FORM{USERNAME} != $adminuser)
          >
          > 'ne' is better than '!=' because you want a string, not a numeric
          > comparison. This is going to do something silly, like convert both sides
          > to
          > numbers first and then compare them.
          >
          > Well, that's a start. You may be able to take it from here, especially
          > with
          > the hints in your error.log file.
          >
          > ----
          > "The history of ideas is the history of the grudges of solitary men."
          > --E. M. Cioran
          >
          >
          > ------------------------------------------------------------------------
          > Want to send money instantly to anyone, anywhere, anytime?
          > You can today at X.com - and we'll give you $20 to try it! Sign
          > up today at X.com. It's quick, free, & there's no obligation!
          > http://click.egroups.com/1/332/1/_/12898/_/946776363
          >
          > -- Easily schedule meetings and events using the group calendar!
          > -- http://www.egroups.com/cal?listname=perl-beginner&m=1
          >
          >
        • Jeff Boes
          Actually, you can get a 500 error from a number of things: * syntax error in the script * bad header (usually caused by a run-time error occurring before the
          Message 4 of 5 , Jan 3, 2000
          • 0 Attachment
            Actually, you can get a 500 error from a number of things:

            * syntax error in the script
            * bad header (usually caused by a run-time error occurring before the script
            produces the "Content-type" header)
            * bad path in the shebang ("#!/usr/bin/perl")

            Permissions on the script file sometimes cause a 500, and sometimes
            (depending on the server and its configuration) cause an "access denied".

            > -----Original Message-----
            > From: Ahrendt, Robert [mailto:RAHRENDT@...]
            > Sent: Monday, January 03, 2000 8:01 AM
            > To: 'perl-beginner@egroups.com'
            > Subject: [PBML] Re: Stumped!
            >
            >
            > don't you get a 500 error when you don't set your script permissions?
            > chmod 755 perlscript.pl
            >

            ----
            It is necessary for the welfare of society that genius should be privileged
            to utter sedition, to blaspheme, to outrage good taste, to corrupt the
            youthful mind, and generally to scandalize one's uncles. -- George Bernard
            Shaw
          • Greg Webster
            ... Yup, permissions were all correct, believe me, that s the first thing I checked...in the end it was an error based on using != instead of ne. Thanks, Greg
            Message 5 of 5 , Jan 3, 2000
            • 0 Attachment
              On Mon, 03 Jan 2000, you wrote:
              > don't you get a 500 error when you don't set your script permissions?
              > chmod 755 perlscript.pl

              Yup, permissions were all correct, believe me, that's the first thing I
              checked...in the end it was an error based on using != instead of ne.

              Thanks,

              Greg
            Your message has been successfully submitted and would be delivered to recipients shortly.