Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

comment on

( [id://3333] : superdoc . print w/replies, xml ) Need Help??
Guy above me points out security as an issue, and I, being who I am, point you to perlsec, and urge you to add -T (right next to that -w, or like -wT) to the list of switches (see perlrun).

I also like to point out that when you die like you're doing now, the user will get a 500 error, possibly embarrasing whoever decides to use this (user has no idea that's what it's supposed to do when it can't read) ;D. A friendly error message might be in order (see CGI::Carp).

One more thing, you store under $header = "text/html", which is not neccessary when you use &CGI::header, because that is the default, and there really is no need to keep it in a "separate" variable (you prolly just got a little carried away with the configurating ;D)

Also, you might wanna add files that begin with . to the list of stuff not ok to see, as well as the actual script that's displaying the directory structure (unless you want it to show up if its there)

And, you also ought to look into the other parameters for the header method (you might wanna specify an expiration time, like print header(-type=>'text/html', -expires => '+5m');

And, look into Ovids cgi intro course, and look into

$CGI::DISABLE_UPLOADS = 1;# Disable uploads $CGI::POST_MAX =-1;# Maximum number of bytes per post
cause you never know, somebody might decide to mess with you ;D

Also, since you're going to be using CGI to generate the html, you might as well generate "valid" html, check http://validator.w3.org/ to see about errors, a good starting point is specifying '-dtd'   => "-//W3C//DTD HTML 4.0 Transitional//EN" in start_html.

I think that's plenty to ponder, but I suggest you go and check out perlsec first, cause it's the most important.

 
___crazyinsomniac_______________________________________
Disclaimer: Don't blame. It came from inside the void

perl -e "$q=$_;map({chr unpack qq;H*;,$_}split(q;;,q*H*));print;$q/$q;"


In reply to (crazyinsomniac) Re: Dir Structure Print out by crazyinsomniac
in thread Dir Structure Print out by jclovs

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.