#!/usr/bin/perl -wT use CGI qw( :all ); use strict; $|++; print header(), start_html( "Counter Test" ); # *snip* my $datapath = "/home/username/data/project"; # outside httpd directo +ry my $datafile = "$datapath/counter.dat"; # Permissions: 666 my $subID = sprintf( "%06d", getNewCounter( $datafile ) ); # more snipped, including code verification of directory, file, and at +tributes. print "Get Counter Results: $subID", end_html; sub getNewCounter # --------------------------------------------------------------- # Reads and incremements the counter value. # Credit: Implementation based on sample found in the perl CGI # FAQ at www.perl.com. # --------------------------------------------------------------- { my( $countfile ) = @_; open( FILE, "$countfile" ) or die "Cannot open counter for reading +.\n"; flock( FILE, 2 ) or die "Cannot lock counter for reading +.\n"; my( $countval ) = <FILE>; chomp( $countval ); flock( FILE, 8 ) or die "Cannot unlock counter after rea +ding.\n"; close( FILE ) or die "Cannot close counter after read +ing.\n"; open( FILE, ">$countfile" ) or die "Cannot open counter for writing +.\n"; flock( FILE, 2 ) or die "Cannot lock counter for writing +.\n"; print FILE ++$countval; flock( FILE, 8 ) or die "Cannot unlock counter after wri +ting.\n"; close( FILE ) or die "Cannot close counter after writ +ing.\n"; return( $countval ) }
I'm primarily worried about the getNewCounter() subroutine and, as always, any security issues. In case you didn't catch the earlier comments, data/ is outside of httpd/ and cgi-bin/, as outlined in Organization Redux.
Also, any other concerns or suggestions?
--f
In reply to Flock Feedback by footpad
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |