Re: How to do system calls in cgi programs

Hi the problem will most probably be that you need the full path to your script. It should definately work if you call it like:

system( "/usr/bin/perl /full/path/to/the/script.plx" )
[download]

You are not bothering checking the return code (should be 0 if no error ) I am assuming an 0755 permissions mask (remember your CGI runs as user 'nobody' or 'apache' rather than user 'you' so it needs permissions to exec).

With your code you are using both the OO and the method call interface from CGI.pm - I have modified it to use just the method interface and have cleaned up the logic for you.

#!/usr/bin/perl -wT

$|++;
use strict;
use CGI qw(:standard); # important shortcuts
use Fcntl qw(:flock);  # imports LOCK_EX, LOCK_SH, LOCK_NB

my $timestamp = localtime;
# this should be as suggested above "/usr/bin/perl /path/to/Kreports.p
+lx"
my $script_to_call = "./Kreports.plx";  
$TITLE = "Kim's Report Generator";
$LOGFILE = "/usr/tmp/KreportLog"; 

print header,start_html($TITLE),h1($TITLE);

if ( param('name') ) {
    # if we have a name we must have been called from our form
    if ( ( param('name') eq 'Kim' ) and ( param('passwrd') eq 'Knecht'
+ ) ) {
       &runReports(); 
    } 
    else {
        print "Unauthorized!\n";
    }
}
else {
    # no name param so show form
    print hr, start_form;  # hr() emits a horizontal rule: <HR>
    print p( $timestamp );
    print p( "User ID:", textfield( -NAME => "name" ) );
    print p( "Passwrd:", password_field( -NAME => "passwrd"));
    print p( submit( "send" ), reset( "clear" ) );
    print hr;
    print end_form;
}

##### Subs #####

sub bail {
    my $error = "@_";
    print h1("Unexpected Error"), p($error), end_html;
}

sub runReports {
    print "Generating Reports\n";
    my $exit_val = system($script_to_call);
    if ( $exit_val ) {
       print "<p>System call failed with an exit value $exit_val\n";
       print "<p>Let's see what a backtic exec shows us\n";
       print '<pre>', `$script_to_call`, '</pre>';
    }
}
[download]

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print

Comment on Re: How to do system calls in cgi programs Select or Download Code

Replies are listed 'Best First'.
Re: Re: How to do system calls in cgi programs by Anonymous Monk on Jan 04, 2003 at 16:53 UTC
Strangely, this solution doesn't seem to work. All the permissions are wide open and there is no error reported from the system call. I placed an else clause in runReports() to indicate success but there is no print out from that either. sub runReports { print "Generating Reports for $script_to_call\n"; my $exit_val = system($script_to_call); if ( $exit_val ) { print "<p>System call failed with an exit value $exit_val\n"; print "<p>Let's see what a backtic exec shows us\n"; print '<pre>', `$script_to_call`, '</pre>'; } else { print "<p>Look for reports in /home/donfox/BioDataProject/kim/Re +ports"; } } [download] The program just runs but no reports are generated. The driver script for the reports works fro mthe command line, both in the cgi-bin and back in it's own directory. ??? Tanks	[reply] [d/l]
Re: Re: How to do system calls in cgi programs by Anonymous Monk on Jan 04, 2003 at 17:27 UTC
This cretainly cleans up the logic. Tidy! But the resulting behavior is unchanged. No output from system(). I added an else to confirm that all went well in case of return of 0. No print out there either. Script runs and no reports! Permissions are everywhere wide open and Kreports.plx runs from command line on cgi-bin or at home.	[reply]
Re: Re: Re: How to do system calls in cgi programs by tachyon (Chancellor) on Jan 04, 2003 at 22:48 UTC
You will have a path/permissions problem. Debugging 101 - simplify and distill. Make a very simple program: `#!/usr/bin/perl print "<h1>That worked!</h1>";` [download] Exec this via a system call from your CGI using a full path call - it should work without problems. If that is the case you have just isolated the problem to you reports script. You need to understand that the user, permissions and PATH on the command line often different from the CGI case. How they differ is setup dependent. Note that -T or taint mode stops you from doing things like `system(param('script_to_exec'))` as you need to untaint the value before you will be allowed to use it to do dangerous things. It seems highly likely that you are not checking for the success of open() or DBI->connect within you report script (and these are failing) but without seeing code this is just a guess. cheers tachyon s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print	[reply] [d/l] [select]
Re: Re: Re: Re: How to do system calls in cgi programs by Anonymous Monk on Jan 06, 2003 at 03:50 UTC
This has been resolved! Changing 'system' to 'exec' and removing the taint option-T allowed me to see that the permissions of the Report dir would not allow writing by the CGI process. Thanks very much Perl Monks!	[reply]