Re: Perl calling Linux commands

If you had printed the system command that you were running you would have figured this out.

Update

Just to show what I meant consider what happens when your code is modified like so:


my $command = qq("svr_submit_RAST_job --user "$username" --passwd "$Pa
+ssword" --fasta "$fasta" --domain "$domain" --genetic_code "$Genetic_
+code") ;

print "\n\n\nGoing to run the following through system:\n $command\n";
[download]

Output

Enter the Rast Username
username
Enter the Rast Password
password
Enter the fasta file Name
filename
Enter the Domain Name
domainname
Enter Genetic_Code
geneticcode



Going to run the following through system:
 "svr_submit_RAST_job --user "username
" --passwd "password
" --fasta "filename
" --domain "domainname
" --genetic_code "geneticcode
"
[download]

And the newlines are there for you to see, as plain as daylight.

Comment on Re: Perl calling Linux commands Select or Download Code

Replies are listed 'Best First'.
Re^2: Perl calling Linux commands by tmharish (Friar) on Mar 08, 2013 at 13:50 UTC
Additionally you need to look at tainted variables. Its a really bad idea to take user input and throw it to system ( or a database ) - What if the username input was: `" \|\| ls && 0 &&` [download] Of course you could replace `ls` with whatever exciting nefarious command you choose but thats the idea ...	[reply] [d/l] [select]

In Section Seekers of Perl Wisdom