How to make relative URL if "cgi-bin" is above the web root?

perl2010 has asked for the wisdom of the Perl Monks concerning the following question:

Here is our server setup: at / (this isnt the webroot) we have the folders

/cgi-bin/
/data/
/htdocs/ (this is the webroot)

I have a script in /cgi-bin/chat/big_chat.pl That does a require of "utility2.pl" so it is in that same folder. Now big_chat.pl also needs to edit 2 files in 2 other folders

/data/text/chat.txt
/htdocs/cowboys/chat.txt

so big_chat.pl is setup like this

#!/usr/bin/perl

require 'utility2.pl';

&form_handler;

$textdir = "../../data/text";
$docfile = "../../htdocs/cowboys/$FORM{'3'}";
#...
[download]

Is that the correct way to do relative paths if you are working with a cgi-bin above the webroot?

Comment on How to make relative URL if "cgi-bin" is above the web root? Download Code

Replies are listed 'Best First'.
Re: How to make relative URL if "cgi-bin" is above the web root? by merlyn (Sage) on Jan 19, 2010 at 23:23 UTC
You aren't saying what the URL mapping is for each of those dirs, except "webroot", which we now know is "/". Is "/cgi-bin" mapping to your cgi-bin? What URL leads to your "/data", if any? -- Randal L. Schwartz, Perl hacker The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.	[reply]
Re^2: How to make relative URL if "cgi-bin" is above the web root? by perl2010 (Initiate) on Jan 20, 2010 at 14:36 UTC
Here are the URL mappings /cgi-bin/ (http://example.com/cgi-bin/) /data/ (this is not accessible via the web) /htdocs/ (http://example.com/)	[reply]
Re: How to make relative URL if "cgi-bin" is above the web root? by merlyn (Sage) on Jan 20, 2010 at 21:27 UTC
Without commenting on the rest, I just noticed this: `$docfile = "../../htdocs/cowboys/$FORM{'3'}";` [download] That's an attack vector accident just waiting to happen. If you're creating this code, you need to read up on web security. A lot. If you're just configuring it, please pass my concern along to the author. -- Randal L. Schwartz, Perl hacker The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.	[reply] [d/l]
Re: How to make relative URL if "cgi-bin" is above the web root? by lostjimmy (Chaplain) on Jan 20, 2010 at 14:49 UTC
big_chat.pl is running on the server and doesn't care about relative paths with respect to the webserver. You are dealing with the server's filesystem at this point, so editing those other files is a matter of knowing what folders they are in. You could simply reference them as absolute paths. `$textdir = "/data/text"; $docfile = "/htdocs/cowboys/$FORM{'3'}";` [download]	[reply] [d/l]