Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:
#!/usr/bin/perl &GetFormInput ; $username = $field{'username'} ; $domain = $field{'domain'} ; $email = $field{'email'} ; $service = $field{'service'} ; $Signup = $field{'Signup'} ; $Cancel = $field{'Cancel'} ; $ip = $ENV{'REMOTE_ADDR'} ; $message = "" ; $found_err = "" ; $errmsg = "<p>Please Enter A Valid Username. [Between 3-30 Characters. + No Symbols Allowed.]</p>\n" ; if ($username eq "") { $message = $message.$errmsg ; $found_err = 1 ; } elsif (length($username) < 3) { $message = $message.$errmsg ; $found_err = 1 ; } elsif (length($username) > 30) { $message = $message.$errmsg ; $found_err = 1 ; } $errmsg = "<p>Error With Domain. Contact Support.</p>\n" ; if ($domain eq "") { $message = $message.$errmsg ; $found_err = 1 ; } elsif (length($domain) < 1) { $message = $message.$errmsg ; $found_err = 1 ; } elsif (length($domain) > 100) { $message = $message.$errmsg ; $found_err = 1 ; } $errmsg = "<p>Please Enter A Valid E-Mail Address. [Between 5-50 Chara +cters.]</p>\n" ; if ($email !~ /.+\@.+\..+/) { $message = $message.$errmsg ; $found_err = 1 ; } elsif (length($email) < 5) { $message = $message.$errmsg ; $found_err = 1 ; } elsif (length($email) > 50) { $message = $message.$errmsg ; $found_err = 1 ; } $errmsg = "<p>Error With Service. Contact Support.</p>\n" ; if ($service eq "") { $message = $message.$errmsg ; $found_err = 1 ; } elsif (length($service) < 1) { $message = $message.$errmsg ; $found_err = 1 ; } elsif (length($service) > 100) { $message = $message.$errmsg ; $found_err = 1 ; } if ($found_err) { &PrintError; } open (LOGFILE, ">> account.log") ; print LOGFILE "/etc/AddVirtUser.pl --username=$username --domain=$doma +in --email=$email --ip=$ip --service=$service\n" ; close (LOGFILE) ; print "Content-type: text/html\n\n"; print "<html>\n" ; print "<head>\n" ; print "blah blah blah\n" ; print "</body>\n" ; print "</html>\n" ; sub PrintError { print "Content-type: text/html\n\n"; print $message ; exit 0 ; return 1 ; } sub GetFormInput { (*fval) = @_ if @_ ; local ($buf); if ($ENV{'REQUEST_METHOD'} eq 'POST') { read(STDIN,$buf,$ENV{'CONTENT_LENGTH'}); } else { $buf=$ENV{'QUERY_STRING'}; } if ($buf eq "") { return 0 ; } else { @fval=split(/&/,$buf); foreach $i (0 .. $#fval){ ($name,$val)=split (/=/,$fval[$i],2); $val=~tr/+/ /; $val=~ s/%(..)/pack("c",hex($1))/ge; $name=~tr/+/ /; $name=~ s/%(..)/pack("c",hex($1))/ge; if (!defined($field{$name})) { $field{$name}=$val; } else { $field{$name} .= ",$val"; #if you want multi-selects to goto into an array chang +e to: #$field{$name} .= "\0$val"; } } } return 1; }
|
|---|
| Replies are listed 'Best First'. | |
|---|---|
|
Re: Need help with security
by dws (Chancellor) on Aug 23, 2002 at 20:12 UTC | |
|
Re: Need help with security
by fglock (Vicar) on Aug 23, 2002 at 20:03 UTC | |
|
Re: Need help with security
by Ovid (Cardinal) on Aug 23, 2002 at 20:13 UTC |