Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 14 of 14
  1. #1
    Registered User
    Join Date
    Jun 2002
    Posts
    67
    Thanks
    0
    Thanked 0 Times in 0 Posts

    So simple a perl question i'm almost embarrassed to ask. (Print text to TOP of file).

    OK, to append it's something like:


    $mystuff= $formdata{'mine'};
    $inputstuff = $formdata{'inputtext'};
    open (LOG, ">>stuff.txt") || &ErrorMessage;

    and to wipe clean and overwrite it's

    $mystuff= $formdata{'mine'};
    $inputstuff = $formdata{'inputtext'};
    open (LOG, ">stuff.txt") || &ErrorMessage;

    but.... how do i make it so that input from a simple form goes to the TOP of my text file whilst keeping everything else that's there? Is there something simple to write instead? or does it involve harder work than it sounds? It seems as if it should be something I already know, but unfortunatly it's either too simple to document on the internet that i've searched so far or no one else ever needs to do this?? :S

    Sarah.

  • #2
    Regular Coder
    Join Date
    Jun 2002
    Location
    the Netherlands
    Posts
    215
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Here's what I use for problems like this:

    Code:
    $mystuff= $formdata{'mine'}; 
    $inputstuff = $formdata{'inputtext'}; 
    open (LOG, "stuff.txt") || &ErrorMessage;
    @data = <LOG>;
    close (LOG);
    
    open (LOG, ">stuff.txt") || &ErrorMessage;
    print LOG "String or whatever to write to the top of the file";
    foreach (@data) {
    	print LOG $_;
    }
    close(LOG);
    Mzzl, Chris

  • #3
    Registered User
    Join Date
    Jun 2002
    Posts
    67
    Thanks
    0
    Thanked 0 Times in 0 Posts
    aaah, i see how you're doing it... taking it all out of the file, writing the stuff i need to put at the top and then rewriting everything that was already there afterwards. guess they never make it simple, eh?

    Anyway, thanks!

  • #4
    Regular Coder
    Join Date
    Jun 2002
    Location
    the Netherlands
    Posts
    215
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I was told lately why there things like this in Perl; the idea is, they give you everything you need and the rest is up to you.

    (They give you the ability to write to files, but you have to make it write to the top of the file )

    Mzzl, Chris

  • #5
    New to the CF scene
    Join Date
    Sep 2013
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I know I'm replying to an 11 year old thread, but I use this to achieve printing to the top of a file.
    "open (LOG, '+>comments.html');"

    It works fine.

  • #6
    Super Moderator
    Join Date
    May 2005
    Location
    Southern tip of Silicon Valley
    Posts
    2,913
    Thanks
    2
    Thanked 164 Times in 159 Posts
    If by "It works fine" you mean that it wipes out the current contents of the file before adding the new data, then I would agree. However, if you want to achive the results that the OP was wanting, then it certainly would not work.

  • #7
    New to the CF scene
    Join Date
    Sep 2013
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Of course I didn't mention the need to read the file first...I thought that was a 'given'....sheesh.
    Here...
    "open(MYINPUTFILE, "+<comments.html");
    my(@lines) = <MYINPUTFILE>;
    @lines = sort(@lines);
    my($line);
    foreach $line (@lines)
    {
    open (LOG, '+>comments.html');"

    That's for all you people who need their hand held.

  • #8
    Super Moderator
    Join Date
    May 2005
    Location
    Southern tip of Silicon Valley
    Posts
    2,913
    Thanks
    2
    Thanked 164 Times in 159 Posts
    Your first open call is the "correct" way to open a filehandle in read/write mode, but opening it in that mode is unnecessary based on the rest of your code. Additionally, it has the following 3 issues.

    1) You should be using a lexical var instead of a bareword filehandle. I'll assume that you used the bareword because that's what the OP used.

    2) You should use the 3 arg form of open.

    3) You should ALWAYS check the return code of an open call and take proper action if it had failed.

    Slurping the file into an array is fine, but why sort the array? That is not what the OP was wanting.

    Declaring $line prior to the loop is unnecessary and in most cases unwanted. It should be declared in the loop initialization.

    Opening the filehandle inside the loop is NOT what you should be doing, especially the way you're doing it. Refer back to my other post for the reason and read the perldoc on open to get more details why you're opening it in the wrong mode.

    Tying those points together, here's a proper solution to the OP's question.
    Code:
    my $inputstuff = $formdata{'inputtext'};
    
    # The OP never stated this,
    # but I'll assume that ErrorMessage includes a die statement
    open my $log_fh, '<', 'stuff.txt' or ErrorMessage();
    my @log_data = <$log_fh>;
    close $log_fh;
    
    open $log_fh, '>', 'stuff.txt' or ErrorMessage();
    print $log_fh "$inputstuff\n", @log_data;
    close $log_fh;
    Here's another shorter/cleaner solution.
    Code:
    use Tie::File;
    
    my $inputstuff = $formdata{'inputtext'};
    
    tie my @log_data, 'Tie::File', 'stuff.txt' or ErrorMessage();
    unshift @log_data, $inputstuff;
    untie @log_data

  • #9
    New to the CF scene
    Join Date
    Sep 2013
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    FishMonger, you are so accurate...but as an example, I left out the pertinents of the script that calls other functions. Thank you for pointing this out to us.... BTW, the script I posted was just a bit of info the OP could build upon...given his/her lack of knowledge using PERL. Maybe in the future, I should include reasons, explanations, tutes, and/or shortcuts for the way things "work"....Damn, who'd ever think an 11 year old thread would draw us close like this has?

  • #10
    New to the CF scene
    Join Date
    Sep 2013
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    >Apparently, (I'm assuming), you have skills beyond my hobby (and it's just
    > that...a hobby).
    >
    > I just do what works for me and my Apache server...never had a problem,
    > and next time I browse the Archive and think my solution works across the
    > board, I'll realize my way, being trial and error, doesn't apply in all
    > situations.
    >
    > In the Archive, that was post # 56 from the start of CF.... I won't reply
    > to anymore posts since you have it under control.


    That's an unfortunate decision. This site could always use more
    contributors.


    > Thank you for illiciting a response from me, posting a reply, but without
    > actually posting the needed info.
    >
    > That makes it personal and NOT of the flavor of this forum.
    >
    > Next time, just add the required info and step back from the ususal "I'm
    > better than you" attitude your reply implies.


    In hind sight I see that my first post might have been a little terse. I
    apologize for that.

    If you feel that you need to drop out the first time your feelings get

    hurt based on your perceived impression that I (or anyone) has an "I'm
    better than you" attitude, then you may want to reflect on what that says
    about you. No insult intended in that statement.

    When you were writing your first post there was a warning indicating that

    your post might get deleted. When I saw the post I almost deleted it
    because of 1) age of the original thread, 2) neither of the original users
    have been back since 2005/2006, and 3) your solution did not work.
    However, I choose to keep it and point out a problem with it but neglected
    to expand on it and show the correction until the later post.



    > I just joined this forum, and since you've been here for a long time
    > doesn't mean your word/script is the end all, be all of PERL.


    I never said or believe that to be true.



    > Another thing to consider....as you read this message.....did it ever
    > occur to you to do a scan for "less than obtrusive" coding or
    > timestamped/IP/hidden vulnerabilities associated with this and MANY
    > forums?
    >
    > XSS is one major hole here, but keep coding as such....you're safe.
    >
    > I hope you are up to date with what's available through simple vectors.
    >
    > That's one forum I want to post in.....can you compete?


    This is not a competition. I have no desire or intention to compete with
    you in any realm. I would prefer to have a reasonable dialog where we can
    learn from each other.


    > Will I be banned from CF for posting it's holes?

    What makes you think I or any other mod would ban you for pointing out
    possible security holes?


    > Maybe I should consult YOU before I post an exploit?
    >
    > That should shake this community!!
    >
    > Seriously.....I await your reply to my ammended reply to YOUR reply
    > stating the obvious.....
    > I never knew I needed to spell it all out......Get a clue,
    > dude/woman/whatever....11 years and you're current...wow
    >
    > Funny how you didn't know the answer back then.



    Take note that I'm providing my true contact info and not hiding behind a
    throw away email address. Would you like to do the same?


    [I]--

    My feelings aren't hurt, but knowing this forum has someone to point out and argue over symantic issues makes me wonder if I'm dealing with someone who barely shaves, has acne, and still lives with Mommy.
    You could do yourself a favor and bite your "I ALMOST DELETED YOUR POST" tongue and learn from folks like me who are probably the BEST in the field.
    I again proclaim PERL as a hobby, as I do Amateur Radio, Chemistry, Astronomy, Aviation, Scripting, Penetration Testing, and the soon to be pilot of my second WWI replica of full scale, flyable Warbirds....this time it's a DR-1, you probably know it as "The Red Baron"...yeah, a triplane.

    You script on, FishMonger.
    I hope someday your life is filled with other 'more enjoyable' aspects that aren't keyboard related.
    Have you tried fishing yet?
    Is this post going to be deleted because YOUR feelings were hurt?

    [/B]
    Last edited by ThrowSomething; 09-27-2013 at 01:55 PM. Reason: Personal/private info removed from open forum

  • #11
    Super Moderator
    Join Date
    May 2005
    Location
    Southern tip of Silicon Valley
    Posts
    2,913
    Thanks
    2
    Thanked 164 Times in 159 Posts
    Please, lets be civil and not go into the insults and name calling.

    As you can see, I have not deleted your post, but will if you can't be civil.

    A person that is "the BEST in the field" would not have posted the code you say "works fine".

  • #12
    New to the CF scene
    Join Date
    Sep 2013
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    FishMonger, you have my full respect, here and elsewhere. You're only doing your job, and I respect that.
    I've crafted a script that allows directory traversal of any site regardless of the .htaccess or index.html file parsed.
    This has opened the web in ways layfolks can't imagine.
    Remember the "/%3f" exploit back in the 90's? This brings it all back WITH extras...lol.
    If you do a CD?/../ (Change Directory) in the URL, it works as if you actually have root from a command prompt...on ANY site.
    My son knows about this exploit, and he, being the gamer he is, will probably let it slip. He owns a major Gamer Website.
    If you have <title> in any webpage, it works simply in the address bar...Protected directories have such, but not as we would script.
    This is the flaw....The server will show the name of the directory, but this takes it well beyond that.
    The DOM is somewhat in play here....Most browsers look for a certain criteria in the header, but this PERL script, which uses LWP, does an added unthought of query.
    Cached requests are the propriorty of any site, and thereby there is a certain window of oppertunity.
    Hence, the flaw.
    My obviously misguided, poorly scripted experiments brought this (OOPS) flaw to surface. I've tried it across the main browsers, but Chrome doesn't parse-out like the rest do. Maybe the big folks know about this?
    Dave

  • #13
    Super Moderator
    Join Date
    May 2005
    Location
    Southern tip of Silicon Valley
    Posts
    2,913
    Thanks
    2
    Thanked 164 Times in 159 Posts
    What does any of that have to do with the subject of this thread and the code you posted?

    If you do a CD?/../ (Change Directory) in the URL, it works as if you actually have root from a command prompt...on ANY site.
    If that is true, then prove it by accessing my home directory on my company's web server or email server, both of which were provided to you in my email to you.

  • #14
    New to the CF scene
    Join Date
    Sep 2013
    Posts
    6
    Thanks
    0
    Thanked 0 Times in 0 Posts
    LOL...you are, just like anyone else, ready to view the logfiles to show the actual commands...Gimme a break! Let's do this in email, fool....
    From your past responses, I'd bet you tried that just now in your address bar!...Ha....Want to be shown what's vulnerable? I've got the perfect solution. Again, emails......
    Regards, Detlef.
    Last edited by ThrowSomething; 09-27-2013 at 05:56 PM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •