Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

(crazyinsomniac) Re: Dir Structure Print out

by crazyinsomniac (Prior)
on Nov 14, 2001 at 11:58 UTC ( #125271=note: print w/replies, xml ) Need Help??


in reply to Dir Structure Print out

Guy above me points out security as an issue, and I, being who I am, point you to perlsec, and urge you to add -T (right next to that -w, or like -wT) to the list of switches (see perlrun).

I also like to point out that when you die like you're doing now, the user will get a 500 error, possibly embarrasing whoever decides to use this (user has no idea that's what it's supposed to do when it can't read) ;D. A friendly error message might be in order (see CGI::Carp).

One more thing, you store under $header = "text/html", which is not neccessary when you use &CGI::header, because that is the default, and there really is no need to keep it in a "separate" variable (you prolly just got a little carried away with the configurating ;D)

Also, you might wanna add files that begin with . to the list of stuff not ok to see, as well as the actual script that's displaying the directory structure (unless you want it to show up if its there)

And, you also ought to look into the other parameters for the header method (you might wanna specify an expiration time, like print header(-type=>'text/html', -expires => '+5m');

And, look into Ovids cgi intro course, and look into

$CGI::DISABLE_UPLOADS = 1;# Disable uploads $CGI::POST_MAX =-1;# Maximum number of bytes per post
cause you never know, somebody might decide to mess with you ;D

Also, since you're going to be using CGI to generate the html, you might as well generate "valid" html, check http://validator.w3.org/ to see about errors, a good starting point is specifying '-dtd'   => "-//W3C//DTD HTML 4.0 Transitional//EN" in start_html.

I think that's plenty to ponder, but I suggest you go and check out perlsec first, cause it's the most important.

 
___crazyinsomniac_______________________________________
Disclaimer: Don't blame. It came from inside the void

perl -e "$q=$_;map({chr unpack qq;H*;,$_}split(q;;,q*H*));print;$q/$q;"

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://125271]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (3)
As of 2018-02-24 04:58 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    When it is dark outside I am happiest to see ...














    Results (310 votes). Check out past polls.

    Notices?