Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Why doesn't this work with -T?

by coolmichael (Deacon)
on Jul 06, 2001 at 12:00 UTC ( #94404=perlquestion: print w/ replies, xml ) Need Help??
coolmichael has asked for the wisdom of the Perl Monks concerning the following question:

I am trying to write a simple CGI script to read and print out the contents of the error log. I've got a module that contains a hash that has some configuration varriables. Problem is, it doesn't work under taint mode and I can't figure out why. It's fine without taint mode. The error message from the apache log is below.

Any help is appreciated. It's probably something to do with taint that i don't understand yet.

#!perl -w use strict; use CGI; use MySite::ConfigVars qw(%config); $CGI::HEADERS_ONCE = 1; my $q = CGI->new(); print $q->header("text/html"); open (ERRORLOG, $config{'errorlog'}) or die "Error opening error log $config{'errorlog'}\n\n$!"; print $q->start_html("Error Logs"); while(<ERRORLOG>) { print "$_\n", $q->br(); } print $q->end_html(); #########ERROR MESSAGE: [Fri Jul 06 00:53:38 2001] [error] [client 127.0.0.1] Premature end of + script headers: d:/program files/apache group/apache/cgi-bin/errorlo +g.cgi [Fri Jul 06 00:53:38 2001] [error] [client 127.0.0.1] Can't locate MyS +ite/ConfigVars.pm in @INC (@INC contains: D:/Perl/lib D:/Perl/site/li +b) at d:\PROGRA~1\APACHE~1\apache\cgi-bin\errorlog.cgi line 5. [Fri Jul 06 00:53:38 2001] [error] [client 127.0.0.1] BEGIN failed--co +mpilation aborted at d:\PROGRA~1\APACHE~1\apache\cgi-bin\errorlog.cgi + line 5.

Comment on Why doesn't this work with -T?
Download Code
Re: Why doesn't this work with -T?
by davorg (Chancellor) on Jul 06, 2001 at 12:29 UTC
Re: Why doesn't this work with -T?
by Zaxo (Archbishop) on Jul 06, 2001 at 12:34 UTC

    This may not fix problems with all the tainted vars, but it looks like MySite/ConfigVars.pm is not in @INC.

    use lib 'where/that/is/';

    should fix that.

    Other problems may occur with taint mode. It is often a surprise when %ENV is treated a tainted.

    After Compline,
    Zaxo

Re: Why doesn't this work with -T?
by Anonymous Monk on Jul 06, 2001 at 17:14 UTC
    You probably have the MySite::ConfigVars in the '.' directory. In taint mode, '.' won't be in @INC since you have no control over what directory '.' is going to be when it's run.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://94404]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (10)
As of 2014-07-25 12:51 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (171 votes), past polls