Click Here!
home account info subscribe login search My ITKnowledge FAQ/help site map contact us


 
Brief Full
 Advanced
      Search
 Search Tips
To access the contents, click the chapter and section titles.

Perl CGl Programming: No experience required.
(Publisher: Sybex, Inc.)
Author(s): Erik Strom
ISBN: 0782121578
Publication Date: 11/01/97

Bookmark It

Search this book:
 
Previous Table of Contents Next


Now you need the script to actually delete the entries. The following Perl code will do just that:

   #!/perl/bin/perl

   # delguest.pl
   # Takes CGI input from entries.pl consisting
   # of marked checkboxes, each with a value equal to
   # the index of a guest book entry that has been
   # marked for deletion.

   # Get header files.

       require ("c:/Program Files/Sambar/cgi-bin/GuestBook.pm") ||
           die ("Can’t find GuestBook header file: $!\n");

   # Make sure this is a POSTed CGI conversation.

       if ($ENV{’REQUEST_METHOD’} ne "POST")
           {
           &HTML_Header ("Unauthorized entry!");
           print <<THE_END;
   <BODY>
   <H1 ALIGN="CENTER">Unauthorized entry attempt</H1>
   <H1 ALIGN="CENTER">Goodbye!</H1>
   </BODY>
   THE_END

           &HTML_Footer;
           exit (0);
           }

   # Get the query string and strip out the index numbers.

       read (STDIN, $QueryString,  $ENV{’CONTENT_LENGTH’});
       @Info = split (/&/, $QueryString);

       for ($n = 0; $Info[$n]; $n++)
           {
           ($dummy, $index) = split (/=/, $Info[$n]);
           $DelGuest[$n] = $index;
           }

   # Open the guest book database file.

       open (GUEST_LOG, $GuestBookPath) ||
           die "Can’t open guest book: $!";

   # Read the whole database into a big array.

       $n = 0;

       while (read (GUEST_LOG, $buffer, $GuestEntrySize))
           {
           $DataBase[$n] = $buffer;
           $n++;
           }

   # Close the guest book file, then reopen for writing.

       close (GUEST_LOG);
       open (GUEST_LOG, ">$GuestBookPath") ||
           die "Can’t open guest book: $!";

   # Write the entries back, except the ones that have
   # been flagged for deletion.

       $RecCount = 0;
       $DelCount = 0;

       foreach $record (@DataBase)
           {
           if ($RecCount == $DelGuest[$DelCount])
               {
               $DelCount++;
               }
           else
               {
               print GUEST_LOG $record;
               }
           $RecCount++;
           }               # End foreach $record…

   # All done. Close the file and put up an HTML screen.

       close (GUEST_LOG);
       &HTML_Header ("Finished");
       print <<THE_END;
   <BODY>
   <H2 ALIGN="CENTER">Finished editing guest book.
   $DelCount entries deleted</H2>
   </BODY>
   THE_END

       &HTML_Footer;

   #                    End delguest.pl

Save this script as delguest.pl and put it, along with entries.pl, in the maint directory.

Creating Maintenance Tools

You have already tested entries.pl and you’ve taken a look at the HTML form it creates. You should now add the code snippet from the top of delguest.pl that ensures the script was called through the POST method.

   if ($ENV{‘REQUEST_METHOD’} ne "POST")
           {
           &HTML_Header ("Unauthorized entry!");
           print <<THE_END;
   <BODY>
   <H1 ALIGN="CENTER">Unauthorized entry attempt</H1>
   <H1 ALIGN="CENTER">Goodbye!</H1>
   </BODY>
   THE_END
           &HTML_Footer;
           exit (0);
           }

There are several ways you could put the finishing touches on your little maintenance module. The password gateway in maint/index.htm could put up an HTML page with links to entries.pl and any other housekeeping scripts that you write later on. As usual, it’s up to you.

Once you’ve decided how to handle the gateway and set it up, make a copy of your guest book database and run entries.pl against it, marking one or more entries for deletion. When you’re finished, go back into the guest book through your Web site’s front door, then display the list. You’ll see that the entries you just marked are gone.

The method we used to mark the entries—HTML form check boxes—is particularly convenient for chores such as editing database entries. Recall that a check box only appears in the CGI query string if it’s checked in the form. By displaying the guest book entries in order, it’s easy to keep track of them and also to assign a value to that entry’s check box. In other words, the first entry from the file would have an index of zero and so would its check box. When it’s checked, it goes into the CGI query string in the form NAME=VALUE; sent from the form in entries.pl, check box 0 would send delete=0.

Once the query string values are stripped away from their names in delguest.pl, we are left with an array of index numbers of entries that should be deleted. From there, it’s pretty simple to read the entire guest book database into a Perl array and then write it back, skipping the indexes marked for deletion. This is done in a foreach loop:

   $RecCount = 0;
   $DelCount = 0;

   foreach $record (@DataBase)
      {
      if ($RecCount == $DelGuest[$DelCount])
         {
         $DelCount++;
         }
      else
         {
         print GUEST_LOG $record;
         }
      $RecCount++;
      }               # End foreach $record…

Notice the two counters defined before the loop begins, $RecCount, which counts the guest book entries, and $DelCount, which is used as an index into the array of records to be deleted. If $RecCount is equal to the record number $DelCount points to in the @DelGuest array, $DelCount is just incremented and the loop starts over after adding 1 to $RecCount. The record is skipped. Otherwise, it’s written back into the file.

Again, you can use the concepts presented in this skill to do any number of maintenance tasks on your Web site. And you can do the tasks in a secure environment, too.


EXERCISE:  The Sambar Server: Building Your Web Site

You’ve learned how important security is to a well-run Web site. You’ve also picked up some techniques for securing Web pages and doing maintenance on your site:

  Add the small maintenance module from this skill to your Sambar Web site so you can edit your guest book.
  Try to think of other applications that you can drop into your maint directory.
  Take an inventory of what you have on your server’s disk or disks. If you’re familiar with it, you’ll know in the future when someone’s been adding or deleting files behind your back.

Are You Experienced?

Now you can…

  identify and plug security holes on your Web server
  understand how security is handled and what tools are available on UNIX and Windows NT
  protect Web pages with encrypted passwords
  begin a maintenance module for your Web site


Previous Table of Contents Next


Products |  Contact Us |  About Us |  Privacy  |  Ad Info  |  Home

Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc.
All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited.