M
Mark
I'm not a Perl expert yet (mainly PHP) but as I need to use a little bit of
Perl for a website so I basically copied this code available on several web
tutorials (so I am guessing it is the standard way of doing it). I'm not
totally clear how it works but I can follow the gist. However, I am having
trouble accessing the POST variables that are posted to my page from another
form on a different server. The code just displays a blank.
This is the code I am using copied from the tutotial:
#!/usr/bin/perl
# orderform.cgi
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$Form{$name} = $value;
}
print <<END_of_multiline_text;
Content-Type: text/html; charset=ISO-8859-1
.. . .
<p>Your order is worth a total of:
<strong>£$Form{'grandtotal'}</strong></p>
.. . .
END_of_multiline_text;
BTW, I've also been warned that this code leaves me open to a DoS attack and
to use CGI.pm. If anyone would be so kind as to explain how this attack
works I would be interested. Not that I wish to attack anyone! I just want
to be educated about the security issues in Perl. Perhaps it would be better
to post this to me personally at mjtech_uk aaatttt yahoo.co.uk
Thanks v. much
Mark
Perl for a website so I basically copied this code available on several web
tutorials (so I am guessing it is the standard way of doing it). I'm not
totally clear how it works but I can follow the gist. However, I am having
trouble accessing the POST variables that are posted to my page from another
form on a different server. The code just displays a blank.
This is the code I am using copied from the tutotial:
#!/usr/bin/perl
# orderform.cgi
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$Form{$name} = $value;
}
print <<END_of_multiline_text;
Content-Type: text/html; charset=ISO-8859-1
.. . .
<p>Your order is worth a total of:
<strong>£$Form{'grandtotal'}</strong></p>
.. . .
END_of_multiline_text;
BTW, I've also been warned that this code leaves me open to a DoS attack and
to use CGI.pm. If anyone would be so kind as to explain how this attack
works I would be interested. Not that I wish to attack anyone! I just want
to be educated about the security issues in Perl. Perhaps it would be better
to post this to me personally at mjtech_uk aaatttt yahoo.co.uk
Thanks v. much
Mark