Versions Compared

Old Version 6

changes.mady.by.user Les Cottrell

Saved on

compared with

New Version Current

changes.mady.by.user Les Cottrell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin

...

These run as user nobody and need to be super secure. Read the Perl Cookbook and "Writing a Safe Secure CGI program". Always use the taint mode (-T).  
When open'ing a file use the three argument form of open (open FILEHANDLE, MODE, LEFT; ) when possible. This will prevent the redirect mode symbol(s) from being misinterpreted as part of the filename. This can be especially important when a user might provide the filename (e.g. in CGI script) and maliciously or unintentionally include a redirct symbol(s) in the filename.

PerlTidy

To ease formatting and translations of the various coding styles available, it is recommended that the tool PerlTidy should be used to (re)format code to the format desired.

...

No Format
$ perltidy file
# simple example perltidy script
my $input = <STDIN>;
if ( open( FILE, "<$input" ) ) {
    while ( $file = <FILE> ) {

        # pointless loop!
        for ( my $i = 0 ; $i < 100 ; $i++ ) { print "."; }
        print "\n";
        push( @entries, $file );    # copy contents of file to memory
        $count++;                   # keep a counter
    }
    close(FILE);
}
else {
    die "Could not open file $file: $!\n";
}

Useful hints

Checking IP names and IPv4 addresses

Assume we have the name or IPv4 address in $hostname then one can use (nb the address does not exclude octets of >255).

Code Block

unless(($hostname=~/(([a-z0-9]+|([a-z0-9]+[-]+[a-z0-9]+))[.])+/)#Name
    || ($hostname=~/ \b(?:\d{1,3}\.){3}\d{1,3}\b/)){            #IPv4 addr
  print "hostname=$hostname, not a valid IP name or address\n";
  exit 101;
}

If one wishes to fully check that the octets are correct (<255) and also get the value of each octet (into $s1..4) then one can use:

Code Block

\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b

If one does not need the values of each octet then a simpler expression will surfice:

Code Block

NOT-SET

An alternative is to use a library module such as NetAddr::IP.

For IPv6 addresses (which are much more complex) use a module such as: Net::IPv6Addr, Regexp::IPv6,or NetAddr::IP (do a Google search with the name).

Rough template

There is a rough template of a perl script that creates/sets several useful variables (user, host, debug level) uses strict and -w, has USAGE information, ensures created files are accessible to others, processes options, has the disclaimer notice, etc. It is not meant to do anything useful but may be useful as a start.