in reply to Re^2: CGI-Upload / Bad File Number
in thread CGI-Upload / Bad File Number

This is how I read the CGI-data:

    $query = new CGI;
    @names = $query->param;
    foreach (@names) {
        $val = $query->param($_);
        # builds Perl source from the parameter name and value and compiles it
        eval("\$$_ = '$val';");
    }

There is one value called '$file1' containing the source-file.

The upload-function is called this way:

    if ($FNC eq "Hochladen") {
        if ($file1 ne "") {
            Upload("$DIR$FILE/_file1", $file1);
        }
    }
...where '$file1' is named '$src' in the function and "$DIR$FILE/_file1" is the destination filename without extension, which is taken from the source filename.

There is no other appearance of '$file1' or '$src' in my code.

Re^4: CGI-Upload / Bad File Number
by poj (Abbot) on Jul 16, 2016 at 19:53 UTC

    I would remove the eval , like this

    my $query = new CGI;
    my $file1 = $query->param('file1');
    if ($query->param('FNC') eq "Hochladen") {
        if ($file1 ne "") {
            Upload("$DIR$FILE/_file1", $file1);
        }
    }

    It would help to see the complete cgi script, as I suspect some other improvements could be suggested.

    poj

      You got it!! - Thanks a lot!

      ...obviously sometimes I have to read more about how upload works. I always wondered in a small part of my head how the filename-string can specify the whole upload-connection, but if this filename-string is not a 'pure' string but contains a handle in the background, this point gets clearer...

      Regards, Frank
Re^4: CGI-Upload / Bad File Number
by Anonymous Monk on Jul 17, 2016 at 01:55 UTC

    This is a security hole; anybody running your cgi can run any perl program they write:

            eval("\$$_ = '$val';");
        }

    $cgi->param already gives you access to params by name, there is no need for eval

    If you want something other than $cgi use a hash, see CGI->VarsAsHash

      Concerning upload:
      works now - poj found the point: also the eval...

      Concerning security:
      Not so relevant in this case. It's a private site with previous login. But anyway I want to know more about this:

      In between I've inserted $val =~ s/'/\\'/gms; before the eval-statement - not for security but to protect the '-character - maybe this is relevant...
      I'm not sure how this might be used to run code. Can you give me an example??

      I looked at 'CGI->VarsAsHash' but I don't really understand it. Especially the '\%hash' in the return-statement: what does the backslash do??
      Also: is there returned a hash or single strings??

      Thanks, Frank
        Answer me this, who wrote that code? Where did you copy/paste from?
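Added example (my own code, not from the thread, poj or Frank): the same dispatch without eval, reading the parameters into a hash by name, with a helper that ends in "return \%params" to show what the backslash does. It assumes CGI.pm 4.08 or newer is installed; the query string is a constructed sample.

```perl
#!/usr/bin/perl
# Added example, not code from the thread. Assumes CGI.pm >= 4.08
# (it left the Perl core in 5.22; install it from CPAN if missing).
use strict;
use warnings;
use CGI;

# Copy every parameter into a plain hash keyed by its name. Nothing is
# compiled as Perl, so a parameter name or value is only ever data.
# The backslash in "return \%params" takes a reference to the hash:
# the caller receives one scalar (a hash ref), not a list of strings.
sub params_as_hash {
    my ($q) = @_;
    my %params;
    for my $name ($q->param) {
        my @values = $q->multi_param($name);          # a field may repeat
        $params{$name} = @values > 1 ? \@values : $values[0];
    }
    return \%params;
}

# Decide whether the request is a valid upload, using the hash instead of
# the globals that eval used to create. Returns the client-supplied name
# or undef; the caller reads the data through $q->upload('file1').
sub upload_requested {
    my ($p) = @_;
    return undef unless defined $p->{FNC}   && $p->{FNC} eq 'Hochladen';
    return undef unless defined $p->{file1} && $p->{file1} ne '';
    return $p->{file1};
}

# Offline demonstration: CGI->new accepts a query string, so no web server
# is needed. Constructed sample request, not real traffic.
my $q = CGI->new('FNC=Hochladen&file1=bericht.txt&tag=a&tag=b');
my $p = params_as_hash($q);

print "FNC   = $p->{FNC}\n";
print "file1 = $p->{file1}\n";
print "tags  = @{ $p->{tag} }\n";      # repeated field became an array ref

if (defined(my $name = upload_requested($p))) {
    # In a real multipart POST the value of a file field stringifies to
    # the filename but is also the handle; interpolating it into eval
    # keeps only the string, which is why the handle was lost in the thread.
    # Read the data with $q->upload('file1') and never use $name as a
    # server path without sanitising it (e.g. File::Basename::basename).
    print "would store upload named '$name'\n";
}
```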