[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] CGI permission problems (driving me bonkers)

Subject: [cobalt-users] CGI permission problems (driving me bonkers)
From: "No I Won't" <iwont@xxxxxxxx>
Date: Fri Aug 16 07:27:04 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
Hi, I'm having a hell of a time trying to get a form handler to work.  I
have read every on CGI to this list since September 29 2001 and have still
had no luck, I've looked at the Cobalt CGI FAQ and also Unixtools.com for
the Wrapper and can't figure out for the life of me why this one work, I've
been looking at it constantly for over 24 hours.  I'd appreciate any
assistance that can be offered.

I've attached the scripts to this message.  All my permissions are correct
in terms of UID, GID and also 755. but still no luck, please feel free to
take a look at the permission denied message issued by the debugger, you can
get it via the following URL:
http://www.caribblueapts.com/cgiwrapDir/cgiwrapd/form_processor.pl

Thanks in advance for any pointers/assistance.

Jay




P.S. the scripts are shown below..

++++++++++++++++++++++++++++++++++++++++++++++
CGI-LIB.pl

++++++++++++++++++++++++++++++++++++++++++++++

#!/usr/bin/perl

# Perl Routines to Manipulate CGI input
#
# Copyright (c) 1995 Steven E. Brenner
# Permission granted to use and modify this library so long as the
# copyright above is maintained, modifications are documented, and
# credit is given for any use of the library.
#
# Thanks are due to many people for reporting bugs and suggestions
# especially Meng Weng Wong, Maki Watanabe, Bo Frese Rasmussen,
# Andrew Dalke, Mark-Jason Dominus, Dave Dittrich, Jason Mathews

# For more information, see:
#     http://www.bio.cam.ac.uk/web/form.html
#     http://www.seas.upenn.edu/~mengwong/forms/

# Minimalist http form and script
(http://www.bio.cam.ac.uk/web/minimal.cgi):
#
# require "cgi-lib.pl";
# if (&ReadParse(*input)) {
#    print &PrintHeader, &PrintVariables(%input);
# } else {
#   print &PrintHeader,'<form><input type="submit"> Data: <input
name="myfield">';
#}

# ReadParse
# Reads in GET or POST data, converts it to unescaped text,
# creates key/value pairs in %in, using '\0' to separate multiple
# selections

# Returns TRUE if there was input, FALSE if there was no input
# UNDEF may be used in the future to indicate some failure.

# Now that cgi scripts can be put in the normal file space, it is useful
# to combine both the form and the script in one place.  If no parameters
# are given (i.e., ReadParse returns FALSE), then a form could be output.

# If a variable-glob parameter (e.g., *cgi_input) is passed to ReadParse,
# information is stored there, rather than in $in, @in, and %in.

sub ReadParse {
  local (*in) = @_ if @_;
  local ($i, $key, $val);

  # Read in text
  if (&MethGet) {
    $in = $ENV{'QUERY_STRING'};
  } elsif (&MethPost) {
    read(STDIN,$in,$ENV{'CONTENT_LENGTH'});
  }

  @in = split(/[&;]/,$in);

  foreach $i (0 .. $#in) {
    # Convert plus's to spaces
    $in[$i] =~ s/\+/ /g;

    # Split into key and value.
    ($key, $val) = split(/=/,$in[$i],2); # splits on the first =.

    # Convert %XX from hex numbers to alphanumeric
    $key =~ s/%(..)/pack("c",hex($1))/ge;
    $val =~ s/%(..)/pack("c",hex($1))/ge;

    # Associate key and value
    $in{$key} .= "\0" if (defined($in{$key})); # \0 is the multiple
separator
    $in{$key} .= $val;

  }

  return scalar(@in);
}


# PrintHeader
# Returns the magic line which tells WWW that we're an HTML document

sub PrintHeader {
  return "Content-type: text/html\n\n";
}


# HtmlTop
# Returns the <head> of a document and the beginning of the body
# with the title and a body <h1> header as specified by the parameter

sub HtmlTop
{
  local ($title) = @_;

  return <<END_OF_TEXT;
<html>
<head>
<title>$title</title>
</head>
<body>
<h1>$title</h1>
END_OF_TEXT
}

# Html Bot
# Returns the </body>, </html> codes for the bottom of every HTML page

sub HtmlBot
{
   return "</body>\n</html>\n";
 }


# MethGet
# Return true if this cgi call was using the GET request, false otherwise

sub MethGet {
  return ($ENV{'REQUEST_METHOD'} eq "GET");
}


# MethPost
# Return true if this cgi call was using the POST request, false otherwise

sub MethPost {
  return ($ENV{'REQUEST_METHOD'} eq "POST");
}


# MyURL
# Returns a URL to the script

sub MyURL  {
  local ($port);
  $port = ":" . $ENV{'SERVER_PORT'} if  $ENV{'SERVER_PORT'} != 80;
  return  'http://' . $ENV{'SERVER_NAME'} .  $port . $ENV{'SCRIPT_NAME'};
}


# CgiError
# Prints out an error message which which containes appropriate headers,
# markup, etcetera.
# Parameters:
#  If no parameters, gives a generic error message
#  Otherwise, the first parameter will be the title and the rest will
#  be given as different paragraphs of the body

sub CgiError {
  local (@msg) = @_;
  local ($i,$name);

  if (!@msg) {
    $name = &MyURL;
    @msg = ("Error: script $name encountered fatal error");
  };

  print &PrintHeader;
  print "<html><head><title>$msg[0]</title></head>\n";
  print "<body><h1>$msg[0]</h1>\n";
  foreach $i (1 .. $#msg) {
    print "<p>$msg[$i]</p>\n";
  }
  print "</body></html>\n";
}


# CgiDie
# Identical to CgiError, but also quits with the passed error message.

sub CgiDie {
  local (@msg) = @_;
  &CgiError (@msg);
  die @msg;
}


# PrintVariables
# Nicely formats variables in an associative array passed as a parameter
# And returns the HTML string.
sub PrintVariables {
  local (%in) = @_;
  local ($old, $out, $output);
  $old = $*;  $* =1;
  $output .=  "\n<dl compact>\n";
  foreach $key (sort keys(%in)) {
    foreach (split("\0", $in{$key})) {
      ($out = $_) =~ s/\n/<br>\n/g;
      $output .=  "<dt><b>$key</b>\n <dd><i>$out</i><br>\n";
    }
  }
  $output .=  "</dl>\n";
  $* = $old;

  return $output;
}

# PrintVariablesShort
# Now obsolete; just calls PrintVariables

sub PrintVariablesShort {
  return &PrintVariables(@_);
}

1; #return true

++++++++++++++++++++++++++++++++++++++++


form-processor.pl


++++++++++++++++++++++++++++++++++++++++


#!/usr/bin/perl
#######################################################
#form_processor.pl 1.0
#
#by Command-O Software
#http://www.command-o.com
#Programmer: Kendall Comey
#For support, write: support@xxxxxxxxxxxxx
#Copyright, 1997, All Rights Reserved
#
#By using this script Licensee agrees to all terms of
#the License Agreement.
#
#If you find this script useful, we would appreciate a
#donation to keep this service active for the community.
#Command-O Software, P.O. Box 12200, Jackson WY 83002
#
#######################################################
#Require the cgi library
require './cgi-lib.pl';

#Turn off Perl buffering
$| = 1;

&ReadParse(*input);

########################################################
# Client Customization Variables

#Option No. 1
$email_admin = 1; #1 is on; 0 if off;

#Option No. 2
$write_form_info = 0; #1 is on; 0 is off;
#Path of file to write form data to. Must be read/writeable
$form_info_path = "/usr/local/etc/httpd/htdocs/demos/feedback_archive.txt";

#Option No. 3
$email_datafile = 0; #1 is on; 0 is off;
#Path to email addresses datafile
$email_datafile_path =
"/usr/local/etc/httpd/htdocs/demos/feedback_emails.txt";

#Option No. 4
$send_email_to_user = 1; #1 is on; 0 is off;
#Path of text file to be sent to user
$feedback_response_path =
"/usr/local/etc/httpd/htdocs/demos/feedback_response.txt";

#Option No. 5
$include_field_name = 1; #1 is on; 0 if off;

#Subject of email sent to user
$email_subject = "Response from Carib Blue Apartment Hotel - Barbados";

#Path to sendmail
$mailprog = "/lib/sendmail -t";

$date_command = "/bin/date";

#You should not need to change anything beyond this point

$date = `$date_command +"%D"`;

#Go through the required fields and send to user an error message if field
is empty
while (($key, $value) = each %input)	{
if ($key =~ /required-/ && $value eq "")	{
$key =~ s/^\d*\)*required\-*//g;
print &PrintHeader;
print "The $key field is required. Please use the back button on your
browser to ";
print "enter the required information and submit the form again. Thank
you.";
exit;
}
}

#Take all the fields that begin with a number, sort them by number and put
them into #the sortedkeys array
foreach $key (sort(keys(%input)))	{
if ($key =~ /user_email/)	{
$user_email = "$input{$key}";
$user_email =~ s/^\d*\)\s*//;
$user_email =~ s/required-//;
}
unless ($key =~ /^\d+/)	{
next;
}
push (@sortedkeys, "$key|$input{$key}");
}

#Send email to admin if selected
if ($email_admin == 1)	{
&email_admin;
}
#Send text file to user if selected
if ($send_email_to_user == 1)	{
&send_info;
}
#Write form data to file if selected
if ($write_form_info == 1)	{
&write_form_info;
}
#Write email addresses to datafile if selected
if ($email_datafile == 1)	{
&write_email_datafile;
}

sub write_email_datafile	{
open (EMAIL, ">>$email_datafile_path") || die ("I am sorry, but I was unable
to open the file $email_datafile_path");
print EMAIL "$user_email\n";
}

sub write_form_info	{
open (FORM, ">>$form_info_path") || die ("I am sorry, but I was unable to
open the file $form_info_path");
foreach $sortedkeys (@sortedkeys)	{
$sortedkeys =~ s/^\d*\)\s*//;
$sortedkeys =~ s/required-//;
($name, $answer) = split (/\|/, $sortedkeys);
print FORM "$name -- $answer\n";
}
print FORM "\n";
close (FORM);
}

sub send_info	{
if ($user_email =~ /^[\w-.]+\@[\w-.]+$/)	{
open (MAIL, "|$mailprog $user_email") || die "Can't open $mailprog!\n";
print MAIL "To: $user_email\n";
print MAIL "From: $input{'admin'}\n";
print MAIL "Subject: $email_subject\n\n";
open (PAGE, "$feedback_response_path") || die ("I am sorry, but I was unable
to open the file $feedback_response_path.");
			while (<PAGE>)		{
						print MAIL $_;
			}
			close (PAGE);
close (MAIL);
}
}

sub email_admin	{
if ($input{'admin'} =~ /^[\w-.]+\@[\w-.]+$/)	{
open (MAIL, "|$mailprog $input{'admin'}") || die "Can't open $mailprog!\n";
print MAIL "To: $input{'admin'}\n";
print MAIL "From: $user_email\n";
print MAIL "Subject: $input{'subject'}\n\n";
foreach $sortedkeys (@sortedkeys)	{
$sortedkeys =~ s/^\d*\)\s*//;
$sortedkeys =~ s/required-//;
($name, $answer) = split (/\|/, $sortedkeys);
if ($include_field_name == 1)	{
print MAIL "$name -- $answer\n";
}
else	{
print MAIL "$answer\n";
}
}
close (MAIL);
}
}

#Send them to the proper URL
print "Location: $input{'redirect'}\n\n";


------------------------------------------------------------------------

Warning : The information contained in this message may be privileged
and confidential and protected from disclosure. If the reader of this
message is not the intended recipient, you are hereby notified that
any dissemination, distribution or copying of this communication is
strictly prohibited. If you have received this communication in error,
please notify us immediately by replying to this message and then delete
it from your computer. All e-mail sent to this address will be received
by the corporate e-mail system and is subject to archiving and review
by someone other than the recipient.
=========================================================================
Follow-Ups:
- Re: [cobalt-users] CGI permission problems (driving me bonkers)
  - From: G Knox
- Re: [cobalt-users] CGI permission problems (driving me bonkers)
  - From: Jonathan Michaelson
Prev by Date: Re: [cobalt-users] disk usage
Next by Date: Re: [cobalt-users] disk usage
Previous by thread: Re: [cobalt-users] Help on cron error
Next by thread: Re: [cobalt-users] CGI permission problems (driving me bonkers)
Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index