here is the basic problem, i have been assigned to develope a set of administration web tools at my job. it needs to be coded in perl because the language is so easy to maintain. but i have a very limited perl expirence so i offer up my humble (lousy) code here. the developement model I must follow is a web form (which will be secured some way.... any ideas?) will submit data to a perl script which will parse out what the form is doing. the perl script will then call a suid root C program to get enough permissions to do what it needs to. the C program will then call another perl script to do the dirty work.
with me? ok, my problem is that the my code works perfectly off of the command line and not at all off of the web. it just doesnt call the C program as near as i can figure it.
this is the source of perl program calling the C program 
#!/usr/local/bin/perl -w
use CGI;

my $post_data=new CGI;
my $username=$post_data->param('username');
my $on_off=$post_data->param('on_off');
my $message=$post_data->param('message');

&Command();

@junk = ("authorize", "vacation.pl", $username, $on_off, $message);
#@junk = ("vacation.pl", $username, $on_off, $message);
$runme = join (" ",@junk);

&Header();

print $runme;

$output=`$runme`;
print $output;

&Footer();

sub Command
{
 $username=$ARGV[0];
 $on_off=$ARGV[1];
 $message = join (" ",@ARGV);
 $message =~ s/$username//;
 $message =~ s/$on_off//;
}

sub Header
{
  print "Content-type: text/html\n\n";
  print "<HTML>\n";
  print " <HEAD>\n";
  print " <TITLE>$username Vacation Message</TITLE>\n";
  print " </HEAD>\n";
  print " <BODY bgcolor=white link=black vlink=black alink=black>\n";
  print "  <TABLE border=0 width=100%>\n";
  print "   <TR>\n";
  print "    <TD align=left>";
  print `date`;
  print "    </TD>\n";
  print "    <TD width=30%>  </TD>\n";
  print "    <TD align=right> Information Technologies </TD>\n";
  print "   </TR>\n";
  print "  </TABLE>\n";
  print "  <HR>\n";
  print "  <TABLE width=100% bgcolor=\"\#005533\">\n";
  print "  </TABLE>\n";
  print "  <HR>\n";
}

sub Footer
{
  print "  <HR>\n";
  print "  <TABLE border=0 width=100% bgcolor=\"\#005533\">\n";
  print "   <TR><TD>\n";
  print "    <center><font color=white>IT </font></center>\n";
  print "   </TD></TR>\n";
  print "  </TABLE>\n";
  print "  <HR>\n"; 
  print " </BODY>\n";
  print "</HTML>\n";
}

[download]
this is the code for the C program, things being authorized must be in the ASCII text document named auth.dat and be delimited by a new line (authorize) 
#include <stdio.h>
#include <stdlib.h>

int main(argc, argv)
     int argc;
     char *argv[];
{
  FILE *authfile;
  char runme[2000];
  char allowed[50];
  int temp;
  if ( 2 > argc) 
    {
      printf("Usage: %s [script name] <options>\n", argv[0]);
      exit(1);
    }
  authfile = fopen ("auth.dat","r");
  if (authfile  == (FILE*) NULL)
    {
      printf ("** ERROR READING auth.dat, Access Denied\n");
    }
  else
    {
      while (fgets(allowed,50,authfile))
        {
          temp = strlen(allowed);
          allowed[temp-1]=NULL;
          if(strcmp(allowed,argv[1])==0)
            {
              runme[0]=46;
              runme[1]=47;
              for ( temp = 1; temp < argc; temp++)
                {
                  strcat(runme,argv[temp]);
                  strcat(runme, " ");
                }
              /*strcat("/usr/sbin/auth/",runme);*/
              system(runme);
              exit(0);
            } 
        }
    }
  printf ("** COMMAND NOT ALLOWED\n");
  return 1;
}

[download]
and this is the source for the first module so far (vacation.pl) 
#!/usr/local/bin/perl -w
sub on
{
 open(FORWARD, ">/home/$username/.forward") || die ("Unable to open /h
+ome/$username/.forward");

 #.forward must look like 
 #\username, "|/usr/bin/vacation username"
 $set_fwd="\\$username, \"|/usr/bin/vacation $username\"";
 
 print FORWARD $set_fwd; 
 close(FORWARD);

 open(VMESSAGE, ">/home/$username/.vacation.msg") || die ("Unable to o
+pen /home/$username/.vacation.msg");

 print VMESSAGE $message;
 print VMESSAGE "\n";
 close(VMESSAGE);

 open(VACATIONDIR, ">/home/$username/.vacation.dir") || die ("Unable t
+o open /home/$username/.vacation.dir");
 close(VACATIONDIR);

 open(VACATIONPAG, ">/home/$username/.vacation.pag") || die ("Unable t
+o open /home/$username/.vacation.pag");
 close(VACATIONPAG);

 `chmod 644 /home/$username/.forward /home/$username/.vacation.msg /ho
+me/$username/.vacation.pag /home/$username/.vacation.dir`;

 `chown $username /home/$username/.forward /home/$username/.vacation.m
+sg /home/$username/.vacation.pag /home/$username/.vacation.dir`;
}

sub off
{
`rm -f /home/$username/.vacation.msg`;
`rm -f /home/$username/.vacation.pag`;
`rm -f /home/$username/.vacation.dir`;
`rm -f /home/$username/.forward`;
}

if (($#ARGV > 1) ||(($#ARGV == 1) && ($ARGV[1] eq "off")))
{
 $username=$ARGV[0];
 $on_off=$ARGV[1];
 if($on_off eq "on")
 {
  $message = join (" ",@ARGV);
  $message =~ s/$username//;
  $message =~ s/$on_off//;
  &on(); 
  print "  <div align=\"center\"> $username\'s vacation message has be
+en \n";
  print "   <font color=red>activated</font>.</div><BR>\n";
  print "  <div align=\"center\">\n";
  print "  </div>\n";
  print "  <center><BR>Please E-Mail <a href=\"mailto:$username\@where
+iwork.com\">$username\@whereiwork.com</a>\n";
  print "      to test this message. <BR> If you do not recieve an aut
+omatic response with your\n";
  print "      vacation message please resubmit this form and try agai
+n.</center>\n";

 }
 elsif($on_off eq "off")
 {    
  &off();
  print "  <div align=\"center\"> $username\'s vacation message has be
+en \n";
  print "   <font color=red>deactivated</font>.</div><BR>\n";
  print "  <div align=\"center\">\n";
  print "  </div>\n";
  print "  <center><BR>Please E-Mail <a href=\"mailto:$username\@where
+iwork\">$username\@whereiwork.com</a>\n";
  print "      to test this message. <BR> If you recieve an automatic 
+response with your\n";
  print "      vacation message please resubmit this form and try agai
+n.</center>\n";
 }
}
else
{
 print "<b>Not all necessary values have been given.</b>\n";
}

[download]
well, i realize how bad this code is, but i would LOVE any ideas or suggestions, provided i have some clue as to what is being said

edited: Thu May 15 20:30:08 2003 by jeffa - readmore tag

In reply to html->perl->c->perl...... work dang it by jcpunk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.