Here's a much cleaner version of your script.
#!/usr/bin/perl -wT use strict; use CGI qw/:standard/; my $datafile = "/web/home/data/userpass.dat"; my $myemail = 'foo@bar.com'; my $sendmail = '/usr/bin/mail'; #????? my %FORM = map { $_, @{ [param($_)] } > 1 ? [param($_)] : param($_) } + param(); my $string = $FORM{'mail'}; open INF,"< $datafile" or die "Can't open $datafile for reading: $!"; my @mydata; { local $/ = '&'; @mydata = <INF>; } close(INF); my $count = 0; foreach my $i (@mydata) { my ( $user, $pass, $email ) = split(/\|/,$i); next if (uc($email) ne uc($string)); open (MAIL, "| $sendmail -t") || die "I can't open sendmail\n"; print MAIL "To: $email\n"; print MAIL "From: $myemail\n"; print MAIL "Subject: The passwords\n"; print MAIL "\n"; print MAIL "Here are the passwords you asked for:\n"; print MAIL "\n"; print MAIL "Field 1: $user\n"; print MAIL "Field 2: $pass\n"; print MAIL "Field 3: $email\n"; print MAIL "\n"; }
Frankly, I don't know much about the security implications of using the mail program that you are wanting to use. I would strongly suggest using one of the CPAN mail packages. Any monks who have advice on this should speak up! :)
Also, please read perlsec for information on cleaning up the data in the %FORM hash.
Cheers,
Ovid
Vote for paco!
Join the Perlmonks Setiathome Group or just click on the the link and check out our stats.
In reply to (Ovid) Re: Lost acolyte
by Ovid
in thread Lost acolyte, splitting fields out of flat-file database
by caciqueman
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |