[Nms-cgi-devel] Re: Nms-cgi-support digest, Vol 1 #18 - 3 msgs

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

The reason he is having trouble is because the script is not passing the 
taint checking.
When it hits the : in the path, the pattern fails because a : is not in the 
character class in $dirname =~ m|^([-+@\w./]+)$|.  Does anyone (such as our 
taint checking experts) see a problem with adding a colon to the character 
class?

>Message: 2
>From: Joost Lommers <Joo...@is...>
>To: "'nms...@li...'"
>         <nms...@li...>
>Date: Tue, 12 Feb 2002 09:30:26 +0100
>Subject: [Nms-cgi-support] I cannot get search.pl to search the right 
>directories under Win
>  2000 + IndigoPerl 5.6
>
>Hi,
>
>I am trying to get the Simple Search script working under Win 2000 with
>IndigoPerl 5.6.
>
>IndigoPerl is installed in E:\My Development\IndigoPerl56. In this directory
>are the Perl and Apache subdirectories like \bin, \cgi-bin, \htdocs,
>\perl-bin, etc. located. Your search.pl script is in \cgi-bin, your
>search.html page is in \htdocs.
>
>I have trouble setting the $basedir variable. Whatever way I define it, I
>either get no search results or various appliction errors. E.g.
>
>   Setting
>    my $basedir = '/IndigoPerl56/htdocs';
>    my $baseurl = '/IndigoPerl56/htdocs';
>    my @files = ('*.html');
>   results in no hits when I search on "simple" + AND + insensitive ("simple"
>should give a hit on search.html in \htdocs).
>
>
>   Setting
>    my $basedir = '/htdocs';
>    my $baseurl = '/htdocs';
>    my @files = ('*.html');
>   results in no hits when I search on "simple" + AND + insensitive ("simple"
>should give a hit on search.html in \htdocs).
>
>   Setting
>    my $basedir = '../htdocs';
>    my $baseurl = '../htdocs';
>    my @files = ('*.html');
>   results in a hit on search.html (finally), but the script stops with an
>application error:
>   "suspect directory name: e:/my development/indigoperl56/cgi-bin at
>e:\MYDEVE~1\INDIGO~1\cgi-bin\search.pl line 366."
>
>   Adding some print statements, I can see that the script first searches
>../htdocs, but the second directory it tries to search is e:/my
>development/indigoperl56/cgi-bin, on which it dies. In my opinion, the
>script shouldn't search this directory because it is at the same level as
>../htdocs (full path is e:/my development/indigoperl56/htdocs). When I add a
>subdirectory to ../htdocs (e.q. ../htdocs/test), I also see that this
>subdirectory is never searched.
>
>Can you help? I am a programmer, but new to Perl and this pattern matching
>stuff is way beyond my capabilities. I tried to understand the line the
>script dies on ($dirname =~ m|^([-+@\w./]+)$| or die "suspect directory
>name: $dirname";) but even with a Perl book and the IndigoPerl on-line
>documentation I still don't understand what is going on here. Sorry.
>
>Thanks for any advice.  8-)
>Joost Lommers. ISES International B.V.
>
>mailto:Joo...@is... / Mobile: +31 (0)650 664 634 /
>Mail: Postbus 2003, 5300 CA  Zaltbommel / Visit: Hogeweg 65, 5301 LJ
>Zaltbommel / E-visit: http://www.ises-international.com/
>
>"I never said I always make sense"
>
>
>
>
>--__--__--
>
>_______________________________________________
>Nms-cgi-support mailing list
>Nms...@li...
>https://lists.sourceforge.net/lists/listinfo/nms-cgi-support
>
>
>End of Nms-cgi-support Digest