Feedback form using cgi script

L

LaMoRt

Hi there!

I have some problem in sending mail out from the server using the
script below
and it come error 500 internal error, pls contact server
administrator

Is there any problem with the code or ...?

Pls advise as i'm new in the cgi script :


#!/usr/bin/perl
use CGI::Carp qw(fatalsToBrowser);


if ($ENV{'REQUEST_METHOD'} eq 'POST') {

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});

@pairs = split(/&/, $buffer);

foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}


open (MESSAGE,"| /usr/sbin/sendmail -t");

print MESSAGE "To: test\test.com\n";
print MESSAGE "From: " . $FORM{name} . ", reader\n";
print MESSAGE "Reply-to: " . $FORM{email} . "(" . $FORM{name} . ")
\n";

print MESSAGE "Subject: Feedback from $FORM{name} \n\n";

print MESSAGE "$FORM{name} wrote:\n\n";
print MESSAGE "Comment: $FORM{comment}\n\n";
print MESSAGE "Sent by: $FORM{name} ($FORM{email}).\n";

close (MESSAGE);

&thank_you; #method call
}



sub thank_you {

print "Content-type: text/html\n\n";

print <<EndStart;

<html>
<head>
<title>Thank You</title>
</head>

<body bgcolor="#ffffff" text="#000000">

<h1>Thank You</h1>

<p>Your feedback has been received. Thanks for sending it.</p>

<hr>


EndStart

print "<p>You wrote:</p>\n";
print "<blockquote><em>$FORM{comment}</em></blockquote>\n\n";

print <<EndHTML;

</body>
</html>

EndHTML

exit(0);
}
 
P

patrick

Hi there!

I have some problem in sending mail out from the server using the
script below
and it come error 500 internal error, pls contact server
administrator

Is there any problem with the code or ...?

Pls advise as i'm new in the cgi script :

#!/usr/bin/perl
use CGI::Carp qw(fatalsToBrowser);

if ($ENV{'REQUEST_METHOD'} eq 'POST') {

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});

@pairs = split(/&/, $buffer);

foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}

open (MESSAGE,"| /usr/sbin/sendmail -t");

print MESSAGE "To: test\test.com\n";
print MESSAGE "From: " . $FORM{name} . ", reader\n";
print MESSAGE "Reply-to: " . $FORM{email} . "(" . $FORM{name} . ")
\n";

print MESSAGE "Subject: Feedback from $FORM{name} \n\n";

print MESSAGE "$FORM{name} wrote:\n\n";
print MESSAGE "Comment: $FORM{comment}\n\n";
print MESSAGE "Sent by: $FORM{name} ($FORM{email}).\n";

close (MESSAGE);

&thank_you; #method call

}

sub thank_you {

print "Content-type: text/html\n\n";

print <<EndStart;

<html>
<head>
<title>Thank You</title>
</head>

<body bgcolor="#ffffff" text="#000000">

<h1>Thank You</h1>

<p>Your feedback has been received. Thanks for sending it.</p>

<hr>

EndStart

print "<p>You wrote:</p>\n";
print "<blockquote><em>$FORM{comment}</em></blockquote>\n\n";

print <<EndHTML;

</body>
</html>

EndHTML

exit(0);



}- Hide quoted text -

- Show quoted text -

You're missing the @ - print MESSAGE "To: test\@test.com\n";
 
P

Paul Lalli

I have some problem in sending mail out from the server using the
script below
and it come error 500 internal error, pls contact server
administrator

perldoc -q 500
Is there any problem with the code or ...?

There are many problems with this code. Which of them might be
causing your error is impossible to determine with what you've given
us.
Pls advise as i'm new in the cgi script :

#!/usr/bin/perl

You're not using strict, or warnings.
use strict;
use warnings;
use CGI::Carp qw(fatalsToBrowser);

The fact that you're using CGI::Carp, and yet still getting an HTTP
500 suggests that this program isn't being executed at all. Check the
permissions of the script, and make sure the webserver user has
permission to execute it.

You're not using the CGI module, and instead trying to parse the HTTP
content yourself.
use CGI qw/:standard/;
if ($ENV{'REQUEST_METHOD'} eq 'POST') {

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});

@pairs = split(/&/, $buffer);

foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}

Eliminate all of the above, and replace with:
my %FORM;
$FORM{$_} = param($_) for param();
open (MESSAGE,"| /usr/sbin/sendmail -t");

You're not checking the return value of this pipe. You have no way of
knowing if the /usr/sbin/sendmail program even exists, let alone if it
was successfully started.

open my $MESSAGE, '| /usr/sbin/sendmail -t'
or die "Could nost start sendmail: $!";
print MESSAGE "To: test\test.com\n";
print MESSAGE "From: " . $FORM{name} . ", reader\n";
print MESSAGE "Reply-to: " . $FORM{email} . "(" . $FORM{name} . ")
\n";

print MESSAGE "Subject: Feedback from $FORM{name} \n\n";

print MESSAGE "$FORM{name} wrote:\n\n";
print MESSAGE "Comment: $FORM{comment}\n\n";
print MESSAGE "Sent by: $FORM{name} ($FORM{email}).\n";

Replace all of those MESSAGE filehandles with $MESSAGE.
close (MESSAGE);

You're not checking the return value of closing this pipe, to know if
sendmail had any problems:
close $MESSAGE or die "Error when closing sendmail: $! ($?)\n";
&thank_you; #method call

That's not a method call, it's a subroutine call, and you shouldn't be
calling it with the & on the front.

thank_you(); #subroutine call
}

sub thank_you {

print "Content-type: text/html\n\n";

print header();
print <<EndStart;

<html>
<head>
<title>Thank You</title>
</head>

<body bgcolor="#ffffff" text="#000000">

print start_html(-title => "Thank You");
<h1>Thank You</h1>

<p>Your feedback has been received. Thanks for sending it.</p>

<hr>

print h1("Thank you"),
p("Your feedback has been received. Thanks for sending it.),
hr();
EndStart

print "<p>You wrote:</p>\n";
print "<blockquote><em>$FORM{comment}</em></blockquote>\n\n";

print p("You wrote:"), blockquote(em($FORM{comment}));
print <<EndHTML;

</body>
</html>

EndHTML

print end_html();

no need for that at all.

Paul Lalli
 
M

Mumia W.

Hi there!

I have some problem in sending mail out from the server using the
script below
and it come error 500 internal error, pls contact server
administrator
[...]

Look into the server logs to see what error was generated by your script.
 
G

Gunnar Hjalmarsson

LaMoRt said:
I will try out the solution u all give and tested it.

Whatever you do, don't put the script on a publicly available server. It
can easily be abused to send spam to multiple recipients, even if you
adopt the changes Paul and other suggested.

You may want to try the CPAN module CGI::ContactForm for a safer solution.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,479
Members
44,900
Latest member
Nell636132

Latest Threads

Top