Premature End of Script Headers (was: Re: Newbie error management question) (code)

Replies are listed 'Best First'.
(arturo) Re: Premature End of Script Headers by arturo (Vicar) on May 13, 2001 at 23:07 UTC
Security note: only use `fatalsToBrowser` in pre-production code. It returns error messages that could be helpful to crackers! (I know deprecated knows that, I just wanted to make it absolutely clear to any folk not in the know who happen on this post later)) `perl -e 'print "How sweet does a rose smell? "; chomp $n = <STDIN>; $r +ose = "smells sweet to degree $n"; other_name = rose; print "$other +_name\n"'` [download]	[reply] [d/l] [select]
Re: Premature End of Script Headers (was: Re: Newbie error management question) (code) by shambright (Beadle) on May 13, 2001 at 18:17 UTC
thanks for the suggestion. Can you unstick me from this next one, too? What is the difference between printing headers immediately (as you suggested) and using $\|=1; to flush the buffers. I thought that this would send the headers (?). Also, if I have a script that takes awhile to run (e.g. complex MySQL statements), sometimes the browser times out. IS there a way to let the browser know "Hold on... I'm coming with your answer" ?	[reply]
Re: Re: Premature End of Script Headers (was: Re: Newbie error management question) (code) by deprecated (Priest) on May 13, 2001 at 18:35 UTC
Glad I could be of help. I can't really help without seeing your script. $\|++ doesnt really "flush the buffers" as much as it tells perl not to hold buffers. I'm happy to offer help, but I cant see what's going wrong with your code without, er, seeing whats wrong with your code. :) brother dep. -- Laziness, Impatience, Hubris, and Generosity.	[reply]
error management... by shambright (Beadle) on May 15, 2001 at 22:14 UTC
The error reads "error reading the headers", not "Premature end of Script Headers". I have seen both...is there a difference? Thanks again for the help. Here is the code in question. Please be merciful: #!/usr/bin/perl -w # NEEDED Variables $basedir = "/home//"; $linkscgi = "http://www.foo.cgi"; # use form to get the data use CGI qw(:standard); $query = new CGI; # enable MySQL database use DBI; $dsn="DBI:mysql:database=foo"; $client_email = $query->param('email'); chomp($client_email); $new_url = $query->param('url'); chomp($new_url); $new_title = $query->param('title'); print "Content-Type: text/html\n\n"; $\|++; $mailprog = "/usr/sbin/sendmail"; $LOC = "ALL"; $TRACKER = $ENV{'HTTP_REFERER'}; if (!($TRACKER)) { $TRACKER = $ENV{'REMOTE_ADDR'}; } #################################### # CHECK Entries @LINE= split (/"/,$new_url); $new_url = $LINE[0]; $new_title =~ s/<[^>]>//g; $new_title =~ s/\/[^>]>//g; $new_title = &convert_bad_chars($new_title); $new_url = &convert_bad_chars($new_url); if ($new_url eq 'http://' \|\| $new_url !~ /^(f\|ht)tp:\/\/(\w\|\-)+\.\w+/ +) { &no_url; } if (!($new_title)) { &no_title; } if (!($client_email)) { &no_emailid; } if ($client_email !~ /^[\w\d][\w\d\,\.\-]\@([\w\d\-]+\.)+([a-zA-Z]{3} +\|[a-zA-Z]{2})$/) { &no_emailid; } open (FILE, "badurls.txt"); flock (FILE, 2); @banURL = grep{/$LINE[0]/} <FILE>; flock (FILE, 8); close (FILE); if (@banURL) { &not_allowed($LINE[0]); } #check against 'bad-email' list open (FILE, "bademails.txt"); flock (FILE, 2); @banEMAIL = grep{/$client_email/}<FILE>; flock (FILE, 8); close (FILE); if (@banEMAIL) { &not_allowed($client_email); } #check to see if code is unique $flag = 1; $dbh = DBI->connect($dsn,'foo','foo') or die "Can't connect to MyS +QL database."; while ($flag == 1) { $CODE = &gen_code; $cursor = $dbh->prepare("SELECT count() FROM s_table WHERE ID +_Code = '$CODE'"); $cursor->execute(); while (my $get = $cursor->fetchrow_hashref()) { $check = $get->{'count()'}; } if ($check==0) { $flag = 0; } } $cursor->finish(); $dbh->disconnect; # Enter MySQL and Add Entry.... $dbh = DBI->connect($dsn,'foo','foo') or die "Can't connect to MyS +QL database."; while ($flag == 1) { $cursor = $dbh->prepare("INSERT INTO s_table (ID_Code,Email,Ur +l,Title,Section,Location,Tracker,Date) VALUES ('$CODE','$client_email','$new_url','$new_title','$ +where','$LOC','$TRACKER', NOW())"); $cursor->execute(); #check to see if entry was accepted $cursor = $dbh->prepare("SELECT count() FROM s_table WHERE ID +_Code = '$CODE'"); $cursor->execute(); while (my $get = $cursor->fetchrow_hashref()) { $check = $get->{'count()'}; } if ($check) { $flag = 0; } } $cursor->finish(); $dbh->disconnect; ####### # convert title,url $new_title =~ s/\\//g; $new_url =~ s/\\//g; $date= localtime; #Send Email... open (MAIL, "\|$mailprog -t") \|\| die "Can't open $mailprog!\n"; print MAIL "To: $client_email\n"; print MAIL "From: foo\n"; print MAIL "Subject: Your entry\n\n"; print MAIL "Thank you for adding your entry.\n"; print MAIL "\n---------------------------------------------------- +--\n"; print MAIL "Your Link:\n\n"; print MAIL "$new_title\n"; print MAIL "$new_url\n"; print MAIL "Section: $where\n\n"; print MAIL "Submitted on $date\n"; print MAIL "\n"; close (MAIL); print "<html><head><title>Output stuff...</title></head>\n"; print "Thanks!</body></html>"; exit(0); sub no_url { print "<html><head><title>ERROR: No URL</title></head>\n"; print "<body bgcolor=#FFFFFF text=#000000>"; print "<center><h1>No URL $new_url</h1></center>\n"; print "You forgot to enter a url you wanted added to the "; print "link page. Another possible problem was that your link "; print "was invalid.<p>\n"; print "<form method=POST action=\"$linkscgi\">\n"; &get_fields; print "<input type=submit> <input type=reset>\n"; print "<hr>\n"; print "</form></body></html>\n"; exit(0); } sub no_illegal_chars { print "<html><head><title>ERROR: No URL</title></head>\n"; print "<body bgcolor=#FFFFFF text=#000000>"; print "<center><h1>No Illegal Characters</h1></center>\n"; print "Your entry contains characters that are illegal to use."; print "<p>\n"; print "<form method=POST action=\"$linkscgi\">\n"; &get_fields; print "<input type=submit> * <input type=reset>\n"; print "<hr>\n"; print "</form></body></html>\n"; exit(0); } sub no_title { print "<html><head><title>ERROR: No Title</title></head>\n"; print "<body bgcolor=#FFFFFF text=#000000>"; print "<center><h1>No Title</h1></center>\n"; print "You forgot to enter a title you wanted added to the "; print " link page. Another possible problem is that your title "; print "contained illegal characters.<p>\n"; print "<form method=POST action=\"$linkscgi\">\n"; &get_fields; print "<input type=submit> * <input type=reset>\n"; print "<hr>\n"; print "</form></body></html>\n"; exit(0); } sub no_emailid { print "<html><head><title>ERROR: No EMail Id</title></head>\n"; print "<body bgcolor=#FFFFFF text=#000000>"; print "<center><h1>No E-mail ID</h1></center>\n"; print "You forgot to enter your e-mail id. "; print "Another possible problem is that your e-mail id "; print "contained illegal characters.<p>\n"; print "<form method=POST action=\"$linkscgi\">\n"; &get_fields; print "<input type=submit> * <input type=reset>\n"; print "<hr>\n"; print "</form></body></html>\n"; exit(0); } sub get_fields { print "\nEMail: <input type=text name=\"email\" value=\"$client_ema +il\" size=30><br>"; print "\nTitle: <input type=text name=\"title\" value=\"$new_title\ +" size=40><br> "; print "\nURL: <input type=text name=\"url\" value=\"$new_url\" size +=55><br>"; print "<input type=hidden name=\"section\""; print "value=\"$where\">\n"; if ($LOC ne "ALL") { print "<input type=hidden name=\"lnkuser\""; print "value=\"$LOC\">\n"; } } sub not_allowed { $error = $_[0]; print "<html><head><title>ERROR: URL Entry Denied</title></head>\n" +; print "<body bgcolor=#FFFFFF text=#000000>"; print "<center><h1>URL Entry Denied</h1></center>\n"; print "<center>Sorry, $error\n"; print "You cannot add this URL to this page.<p>\n"; print "</center>"; print "</body></html>\n"; exit(0); } sub gen_code { my ($sec,$min,$hour,$mday,$mon,$year,$wday) = (localtime(time))[0, +1,2,3,4,5,6]; if ($sec<10) {$sec = "0".$sec;} if ($min<10) {$min = "0".$min;} if ($hour<10) {$hour = "0".$hour;} if ($mday<10) {$mday = "0".$mday;} my $RND = int(rand(1000)); my $CODE = "$mday$hour$min$sec$RND"; return $CODE; } sub convert_bad_chars { my $string = $_[0]; $string =~ s/'/\\'/g; $string =~ s/"/\\"/g; return $string; } [download]	[reply] [d/l]
(ar0n) Re: error management... by ar0n (Priest) on May 15, 2001 at 22:57 UTC
Re: error management... by Sifmole (Chaplain) on May 15, 2001 at 22:34 UTC
Re: Re: error management... by ChemBoy (Priest) on May 15, 2001 at 22:48 UTC
Some notes below your chosen depth have not been shown here


Syntactic Confectionery Delight
	PerlMonks