[JohnElmore]

Hi!

I tried searching all over the internet but didn't found an example how to make a simple site with perl.

I'm thinking of a simple script that makes the page structure (header, footer etc.)

I know that it's possible (like with php)

So if someone could show me an quick example or a link to a tutorial that talks about the subject i'd be happy

[rob2132]

Quote:

Originally Posted by JohnElmore

Hi!

I tried searching all over the internet but didn't found an example how to make a simple site with perl.

I'm thinking of a simple script that makes the page structure (header, footer etc.)

I know that it's possible (like with php)

So if someone could show me an quick example or a link to a tutorial that talks about the subject i'd be happy :)

How do you mean making a site with Perl? What elements/data are you wanting to be dynamic or interactive? Are you talking about having different files that you can include in every page with simple short code to insert a page's header and footer to save time and make management of the pages you add easier without needing to update them all? If so, what structure do you want to use?

[YUPAPA]

Quote:

Originally Posted by JohnElmore

Hi!

I tried searching all over the internet but didn't found an example how to make a simple site with perl.

I'm thinking of a simple script that makes the page structure (header, footer etc.)

I know that it's possible (like with php)

So if someone could show me an quick example or a link to a tutorial that talks about the subject i'd be happy

A little my example:

Code:

#!/usr/bin/perl
use CGI;
use strict;

my $header_file		=	'/full/path/to/header_file';		# Path to Header
my $footer_file		=	'/full/path/to/footer_file';		# Path to Footer
my $content_dir		=	'/full/path/to/content_folder';		# Path to Web Pages
my $query			=	new CGI;
my $page			=	$query->param('page');

print "Content-Type: text/html\n\n";

print read_file($header_file);
print read_file($content_dir.'/'.$page);
print read_file($footer_file);

sub read_file {
	my $src_code;
	open(FILE,"<$_[0]");
		while(<FILE>) {
			$src_code .= $_;
		}
	close(FILE);
	return $src_code;
}

You call the script like this:
www.yourdomain.com/scriptname.pl?page=web_content.html

web_content.html should be stored under the $content_dir directory.

[rob2132]

You may as well just print the contents. Also you should (*for security reasons*) not blindly accept the param("page") variable.

Otherwise someone could call:

http://www.yourdomain.com/scriptname.../../etc/passwd, for example.

Following that, not saving everything into a string just to print it out later by returning the new string--this is inefficient for large file content.

Checking the file open call wouldn't be a bad idea either.

Finally, since you're using the CGI module, you should just use print header() instead of print "Content-Type: text/html\n\n";.

Perhaps adding a valid file type to open, to be safe from people opening other files and printing out the contents (i.e., of configuration files or source code)!

Code:

#!/usr/bin/perl
use warnings;
use strict;
use CGI qw(:standard);
 
# Path to files to open:
my $header_file = '/full/path/to/header_file';    # Path to Header
my $footer_file = '/full/path/to/footer_file';    # Path to Footer
my $content_dir = '/full/path/to/content_folder'; # Path to Web Pages
 
# List of file extensions that are safe to open:
my @safe_files_ext = qw(
        htm
        html
        txt
);
 
# Get page to open (user specified):
my $query       = new CGI;
chomp(my $page  = $query->param('page') || '');
 
# Get rid of white space on file names passed, if any:
$page =~ s/\s+//g if ($page ne "");
 
# Print header (for CGI):
print header();
 
# Static file (0) or user specified (1):
read_file(0, $header_file);
read_file(1, $content_dir . '/' . $page) if ($page ne "");
read_file(0, $footer_file);
 
# Display file, if safe:
sub read_file {
        my ($in_page, $file) = @_;
        if ($in_page) { # If file is user specified.
                error("Invalid syntax") if ($file =~ /\.\./); # Disallow dir traversing.
                foreach my $file_ext (@safe_files_ext) { # Check each valid file extension:
                        # Stop and report error if in valid.
                        error("Invalid syntax for $file") if ($file !~ /\.$file_ext$/i);
                }
        }
        # Open and print file contents if we're okay.
        open(FILE, $file)       or error("Can't open $file $!");  # report error if can't open file.
                # Do more stuff here if you want.
                print while (<FILE>); # Print file line by line for best efficiency.
        close(FILE);
}
 
# Error subroutine to display error and exit.
sub error {
        my $reason = shift;
        print "Error: $reason\n";
        exit;
}

Anyway, just a quick suggestion--I've just typed this out and have not tested it (but you get the idea).

[YUPAPA]

That was just a quick example I showed... If he wants a fully secured version, I can code it 100% secure. I like to help and don't like juding ppl's code because that makes the person look bad~ Lastly thanks for correcting the code. I am leaving, Bye~

[rob2132]

Quote:

Originally Posted by YUPAPA

That was just a quick example I showed... If he wants a fully secured version, I can code it 100% secure. I like to help and don't like juding ppl's code because that makes the person look bad~ Lastly thanks for correcting the code. I am leaving, Bye~

If you think my post was meant to attack your code, you're mistaken--that was not my intention. It was simply suggestions to have it be more secure, bug free and efficient based on the code you posted as a solution ( I did so to help the OP, not to berate your code ). I didn't do so to make you look bad. I hope that's clear. I too, didn't go out of my way to code anything special or elaborate... I'm sure you code complete solutions and your quick post with the previous code doesn't reflect your skills.