|Perl: the Markov chain saw|
(crazyinsomniac) Re: Dir Structure Print outby crazyinsomniac (Prior)
|on Nov 14, 2001 at 11:58 UTC||Need Help??|
Guy above me points out security as an issue, and I, being who I am, point you to perlsec, and urge you to add -T (right next to that -w, or like -wT) to the list of switches (see perlrun).
I also like to point out that when you die like you're doing now, the user will get a 500 error, possibly embarrasing whoever decides to use this (user has no idea that's what it's supposed to do when it can't read) ;D. A friendly error message might be in order (see CGI::Carp).
One more thing, you store under $header = "text/html", which is not neccessary when you use &CGI::header, because that is the default, and there really is no need to keep it in a "separate" variable (you prolly just got a little carried away with the configurating ;D)
Also, you might wanna add files that begin with . to the list of stuff not ok to see, as well as the actual script that's displaying the directory structure (unless you want it to show up if its there)
And, you also ought to look into the other parameters for the header method (you might wanna specify an expiration time, like print header(-type=>'text/html', -expires => '+5m');
And, look into Ovids cgi intro course, and look into
cause you never know, somebody might decide to mess with you ;D
Also, since you're going to be using CGI to generate the html, you might as well generate "valid" html, check http://validator.w3.org/ to see about errors, a good starting point is specifying '-dtd' => "-//W3C//DTD HTML 4.0 Transitional//EN" in start_html.
I think that's plenty to ponder, but I suggest you go and check out perlsec first, cause it's the most important.