Hi chriso. When you make a major change in your node (aside from corrected a typo or adding a mild clarification sentence), it's helpful if you note the change. In this case, you replaced your code with something completely different. That's a shame because I was going to comment on your first code (not answering your question, but rather, pointing out some serious problems.)
First off, your code had a significant security hole. I saw this:
$file = param('file');That looked suspicious to me, so I read down further and saw this:
open ALLSCORES, ">>/perl/web/examscores/$file" || open ALLSCORES, ">>/perl/web/examscores/$file.bak";There are a variety of issues with this. First off, you're allowing someone to atttempt to open any file on your system. What do you do when someone types in ../../../../../some_file_name? If the Web server is running with permissions to open that file, something very bad could happen. Unfortunately, since you list your URLs, bad guys not only know what the security hole is, they know where it is.
If they don't have permissions to open the first file, you then have them attempt to open a second file. If the second open fails, it will do so silently and your code will not work.
You may wish to read lesson three of my CGI course. That lesson covers basic security. The other lessons will probably benefit you, too, but that one is a good start.
Cheers,
Ovid
New address of my CGI Course.
In reply to Re: Unusual problem with CGI based quiz
by Ovid
in thread Unusual problem with CGI based quiz
by chriso
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |