Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Why doesn't this work with -T?

by coolmichael (Deacon)
on Jul 06, 2001 at 12:00 UTC ( #94404=perlquestion: print w/ replies, xml ) Need Help??
coolmichael has asked for the wisdom of the Perl Monks concerning the following question:

I am trying to write a simple CGI script to read and print out the contents of the error log. I've got a module that contains a hash that has some configuration varriables. Problem is, it doesn't work under taint mode and I can't figure out why. It's fine without taint mode. The error message from the apache log is below.

Any help is appreciated. It's probably something to do with taint that i don't understand yet.

#!perl -w use strict; use CGI; use MySite::ConfigVars qw(%config); $CGI::HEADERS_ONCE = 1; my $q = CGI->new(); print $q->header("text/html"); open (ERRORLOG, $config{'errorlog'}) or die "Error opening error log $config{'errorlog'}\n\n$!"; print $q->start_html("Error Logs"); while(<ERRORLOG>) { print "$_\n", $q->br(); } print $q->end_html(); #########ERROR MESSAGE: [Fri Jul 06 00:53:38 2001] [error] [client 127.0.0.1] Premature end of + script headers: d:/program files/apache group/apache/cgi-bin/errorlo +g.cgi [Fri Jul 06 00:53:38 2001] [error] [client 127.0.0.1] Can't locate MyS +ite/ConfigVars.pm in @INC (@INC contains: D:/Perl/lib D:/Perl/site/li +b) at d:\PROGRA~1\APACHE~1\apache\cgi-bin\errorlog.cgi line 5. [Fri Jul 06 00:53:38 2001] [error] [client 127.0.0.1] BEGIN failed--co +mpilation aborted at d:\PROGRA~1\APACHE~1\apache\cgi-bin\errorlog.cgi + line 5.

Comment on Why doesn't this work with -T?
Download Code
Re: Why doesn't this work with -T?
by davorg (Chancellor) on Jul 06, 2001 at 12:29 UTC
Re: Why doesn't this work with -T?
by Zaxo (Archbishop) on Jul 06, 2001 at 12:34 UTC

    This may not fix problems with all the tainted vars, but it looks like MySite/ConfigVars.pm is not in @INC.

    use lib 'where/that/is/';

    should fix that.

    Other problems may occur with taint mode. It is often a surprise when %ENV is treated a tainted.

    After Compline,
    Zaxo

Re: Why doesn't this work with -T?
by Anonymous Monk on Jul 06, 2001 at 17:14 UTC
    You probably have the MySite::ConfigVars in the '.' directory. In taint mode, '.' won't be in @INC since you have no control over what directory '.' is going to be when it's run.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://94404]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (20)
As of 2015-07-01 15:11 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (3 votes), past polls