print header( -charset=>'utf8' );
my $article = param('select') || "Αρχική Σελίδα!";
my @files = glob "$ENV{'DOCUMENT_ROOT'}/data/text/*.txt";
my @menu_files = map m{([^/]+)\.txt}, @files;
Encode::from_to($_, 'ISO-8859-7', 'utf8') for @menu_files;
if ( param('select') ) { #If user selected an item from the drop down menu
$article = decode( 'utf8', $article );
unless ( grep /^\Q$_\E$/, @menu_files ) #Unless user selection doesn't match one of the valid filenames within @display_files
{
......
####
print header( -charset=>'utf8' );
my $article = param('select') || "Αρχική Σελίδα!";
my @files = glob "$ENV{'DOCUMENT_ROOT'}/data/text/*.txt";
my @menu_files = map m{([^/]+)\.txt}, @files;
Encode::from_to($_, 'ISO-8859-7', 'utf8') for @menu_files;
if ( param('select') ) { #If user selected an item from the drop down menu
#No alternation to utf8 encoding or decoding is needed here....the returned value is consisted of utf8 flag and contains wide characters as the original
unless ( grep /^\Q$_\E$/, @menu_files ) #Unless user selection doesn't match one of the valid filenames within @display_files
{
if( param('select') =~ /\0/ )
{
$article = "*Null Byte Injection* attempted & logged!";
print br() x 2, h1( {class=>'big'}, $article );
}
if( param('select') =~ /\/\.\./ )
{
$article = "*Backwards Directory Traversal* attempted & logged!";
print br() x 2, h1( {class=>'big'}, $article );
}
$select = $db->prepare( "UPDATE guestlog SET article=?, date=?, counter=counter+1 WHERE host=?" );
$select->execute( $article, $date, $host );
exit 0;
}
Encode::from_to($article, 'utf8', 'ISO-8859-7'); #Convert user selected filename to greek-iso so it can be opened
open FILE, "<$ENV{'DOCUMENT_ROOT'}/data/text/$article.txt" or die $!;
local $/;
$data = ;
close FILE;
Encode::from_to($article, 'ISO-8859-7', 'utf8'); #Convert user selected filename back to utf8 before inserting into db
$select = $db->prepare( "UPDATE guestlog SET article=?, date=?, counter=counter+1 WHERE host=?" );
$select->execute( $article, $date, $host );
}
else {
####
for ($data) { #Replace special chars like single & double quotes to its literally values
s/\n/\\n/g;
s/'/\\'/g;
s/"/\"/g;
tr/\cM//d;
}
####
print header( -charset=>'utf8' );
my $article = param('select') || "Αρχική Σελίδα!";
my @files = glob "$ENV{'DOCUMENT_ROOT'}/data/text/*.txt";
my @menu_files = map m{([^/]+)\.txt}, @files;
Encode::from_to($_, 'ISO-8859-7', 'utf8') for @menu_files;
if ( param('select') ) { #If user selected an item from the drop down menu
$article = encode( 'utf8', $article );
unless ( grep /^\Q$_\E$/, @menu_files ) #Unless user selection doesn't match one of the valid filenames within @display_files
{
......