Clarification of terms

[rrosell]

I am using a guestbook from the Matt Wright scripts archive. Two of the
variables required in a perl script (guestbook.pl) perplex me:

First:
$guestbookreal is referred to as the "system location" of the guestbook.
The syntax statement offered statement is:

$guestbookreal="/home/yourname/public_html/guestbook.html";

Second:
$guestlog="/home/yourname/public_html/guestlog.html";

I am not certain how I should interpret this in terms of my angelfire web
site?

My web site homepage is:

Http://www.angelfire.com/pro/wccft/index.html

I would appreciate an explanation of this.

Thanks,

Richard

 

[Ben Morrow]

I am using a guestbook from the Matt Wright scripts archive.

Don't.

Ben

 

[Robert Wallace]

Don't.

Ben

why?
Too well known?
that guessbook was my first (second?) CGI and perl.
it got me started in this mess to begin with.

 

[Ben Morrow]

why?

See <http://nms-cgi.sourceforge.net/faq_nms.html>.

 

[Rocco Caputo]

why?
Too well known?
that guessbook was my first (second?) CGI and perl.
it got me started in this mess to begin with.

You could say that. Matt Wright's infamous for releasing buggy and
insecure CGI scripts.

http://www.google.com/search?q=insecure+matt+wright+cgi

 

[Gunnar Hjalmarsson]

$guestbookreal="/home/yourname/public_html/guestbook.html";

Second:
$guestlog="/home/yourname/public_html/guestlog.html";

I am not certain how I should interpret this in terms of my
angelfire web site?

Those are file paths. Paths are something quite different from URLs,
so the URL to your homepage is irrelevant.

I have no idea of Angelfire's directory structure. If you don't know
the path to your web site, you'd better find out through Angelfire's
documentation or through their support.

Please note that your question is clearly off topic in this group.

 

[Bx. C]

See <http://nms-cgi.sourceforge.net/faq_nms.html>.

very interesting... how about Darryl Burgdorf's scripts?
http://awsd.com/scripts

well... aside from the fact that you have to pay for them? what would be
your assessment of his scripts?

 

[Ben Morrow]

very interesting... how about Darryl Burgdorf's scripts?
http://awsd.com/scripts

well... aside from the fact that you have to pay for them? what would be
your assessment of his scripts?

If I have to pay for them, how am I going to make an assessment?

As a general rule, I would say that anything that has been properly
peer-reviewed (i.e. CPAN modules, nms-cgi, etc.) is 'safe', and
anything which hasn't should be treated with the utmost suspicion.

Ben

 

[Robert Wallace]

....

You could say that. Matt Wright's infamous for releasing buggy and
insecure CGI scripts.

oh, that's why.
now I remember.
I left a formmail.cgi from Matt's on my homepage root and forgot about
it.
boy did I pay for that.
I'm still paying for it today.
you remember the gaping sendmail hole in formmail.cgi? I certainly do.

 

[Uri Guttman]

BC> very interesting... how about Darryl Burgdorf's scripts?
BC> http://awsd.com/scripts

BC> well... aside from the fact that you have to pay for them? what
BC> would be your assessment of his scripts?

too expensive. but you are comparing them to free.

ok, i peeked.

no strict
no warnings
package globals (TONS of them).
& for sub calls
looks like perl4 code
too few modules used
local()

a sub full of this crap!

$TodayOutside = 0;
$TodayPages = 0;
$TopDomain = "";
$endhour = 0;
$logsegment = "";
%BytesHour = ();
%BytesUserIDCounter = ();
%DayFilesCounter = ();

crappy code like this:

$MonthlyFilesCounter{$Month}=$Accesses;
$MonthlyBytesCounter{$Month}=$Bytes;
$MonthlySessionsCounter{$Month}=$Domains;
$MonthlyPViewsCounter{$Month}=$PViews;

and more crap like this (repeated prints are the sign of a bad coder,
even in perl4):

print REPORT &commas($usersessions),"</STRONG> distinct visits; ";
print REPORT "the typical visitor seems to have spent about <STRONG>";

it IS perl4 code. it has no refs i can find. just parallel global
hashes. oy!! i see a few perl5 things. a use line, chomp. but mostly
perl4 code.

regex bugs (using $1,$2 without testing the result of s///)

is that enough?

almost all web scripts like this on the net (free or paid) are CRAP
code. this script can be modified easily, can't be extended (try dealing
with tons of global hashes!), can't be reused in a larger OO system,
hardwires html in code
etc.

since you seem to have paid for this code, i will send you a bill for my
code review. that seems fair.

uri

 

[Robert Wallace]

.........

ok, i peeked.

no strict
no warnings

no comments (other than his credits in the begining)

package globals (TONS of them).
& for sub calls

what's wrong with & it's explicit. you know for sure its your own
functions.
and your alt.?

 

[Bill]

$guestbookreal is referred to as the "system location" of the guestbook.

that's the physical path to the file on the server hard drive.

The syntax statement offered statement is:

$guestbookreal="/home/yourname/public_html/guestbook.html";

Second:
$guestlog="/home/yourname/public_html/guestlog.html";

I am not certain how I should interpret this in terms of my angelfire web
site?

My web site homepage is:

Http://www.angelfire.com/pro/wccft/index.html

I would appreciate an explanation of this.

This is sort of cgi, not perl, but you could try running this on your cgi site:
(untested)#!/usr/bin/perl -w
use strict;
use CGI;
my $q = new CGI;
print $q->header,
$q->start_html,
$q->h1("PATH_TRANSLATED:"),
$q->h2($q->path_translated()),
$q->end_html;

<<<<<<<<<

I'm told this does not work with all servers.

 

[Eric Schwartz]

what's wrong with & it's explicit. you know for sure its your own
functions.
and your alt.?

perldoc perlfaq7

"What's the difference between calling a function as &foo and foo()?"

Short answer, it doesn't do what you think it does, and it's
completely unnecessary to boot.

-=Eric

 

[Uri Guttman]

RW> no comments (other than his credits in the begining)

RW> what's wrong with & it's explicit. you know for sure its your own
RW> functions.

it is wrong. see many mentions of this in this group. read perlsub and
see what it really means.

RW> and your alt.?

like i care? i dispise all the bad code out there in these 'kiddie
scripts'. most are written with bugs and security holes and are so
poorly designed. their authors think they are $DIETY's gift to perl and
web sites. bleccch.

as someone else posted, look at the nms scripts on sourceforge.

uri

 

[Tad McClellan]

Uri Guttman wrote:
what's wrong with &

perldoc -q function

What's the difference between calling a function as &foo and foo()?

and your alt.?

foo()

 

[Tassilo v. Parseval]

Also sprach Uri Guttman:

RW> no comments (other than his credits in the begining)


RW> what's wrong with & it's explicit. you know for sure its your own
RW> functions.

it is wrong. see many mentions of this in this group. read perlsub and
see what it really means.

The fact that it has two often unneeded side-effects may be questionable
style, but it's certainly not wrong.

As for one effect (the passing of @_), this one doesn't even show up when
parens are used.

RW> and your alt.?

like i care? i dispise all the bad code out there in these 'kiddie
scripts'. most are written with bugs and security holes and are so
poorly designed. their authors think they are $DIETY's gift to perl and
web sites. bleccch.

And yet quite a few of such scripts get their job done. Bad code is not
the privilege of kiddies. Some of the most disgusting examples of Perl
code can be found in a typical Perl source distribution. Have a look at
h2xs for instance.

Tassilo