CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Perl Programming Help: Beginner:
Script problem (Reward to the one who solves it)

 



William_H
Deleted

Jan 21, 2001, 12:07 AM

Post #1 of 3 (431 views)
Script problem (Reward to the one who solves it) Can't Post

Hello!

I have a problem with a search engine perl script i recently installed. Can someone help me please? When i execute the script i get an 500 error message and when i looked at the errorlogs i found this:

[Fri Jan 19 17:08:12 2001] [error] [client 130.67.15.246] Premature end of script headers: /home/altavi/public_html/cgi-bin/query.cgi

Do someone know what's wrong? I know it have nothing to do with permissions, server paths etc i know how to do that, it is a error in the script. You can mail me if you want the complete script with all files for examination, but if you just want to look at the source code for query.cgi where the error seems to be located at you can go to: http://www.altavi.com/query.txt

I will give the one who solves the problem a high ranking link on the up-coming Altavi.com. (It contains some webmaster resources with about 2000 unique visitors a day now but i will turn it into a higher trafficated search engine site soon)

Thanks in advance! :)


William
altavi@altavi.com
ICQ: 101120901



BigRich
Novice

Jan 21, 2001, 3:26 AM

Post #2 of 3 (426 views)
Re: Script problem (Reward to the one who solves it) [In reply to] Can't Post

Suggestion: Throw that script out and get one written by a Perl programmer.

The problem with freeware is that you usually get what you pay for. (I hope you didn't pay someone for that code!)

Here are (some of) the errors I found.

1) No closing curly brace on the following statement.

if ( ($create_log eq "YES") ) {
open KEYWORDS, ">>logs/$date";
print KEYWORDS "$keywords\n";
close(KEYWORDS);

2) The previous statement means nothing because the only time the variables $date and $keywords are used in the entire script are in that statement so no log file will ever be created and nothing would be printed to it if it was.

3). There is practically no error handling. And, if the proper parameters aren't passed to the script so that it does handle an error, there is no http header printed so the script couldn't print an error if it wanted to.

4) The following should be changed:

from:

if ($FORM{'url'} eq "" || $FORM{'title'} eq "" || $FORM{'email'} eq "" || $FORM{'description'} eq "" || $FORM{'keywords'} eq "") {

}

to,

if ($FORM{'url'} eq "" || $FORM{'title'} eq "" || $FORM{'email'} eq "" || $FORM{'description'} eq "" || $FORM{'keywords'} eq "") {

# The programmer who wrote this is either too lazy
# or too incompetent to handle errors properly so
# we'll just cause a hard-to-track internal server
# error if we don't get the form parameters we want



}

5) I assume is your fault.

print MAIL "From: addurl@altavi.com\n";

should be:

print MAIL "From: addurl\@altavi.com\n"; #@ is escaped in double quotes

or:

print MAIL 'From: addurl@altavi.com\n'; #no escape needed with single quotes

6) The message in the half-hearted attempt at error handling needs to be changed.

from:

sub error {
$noshow = 1;
print "Content-type: text/html\n\n";
&heading;
print "<b>Our server is busy</b>
Due to high traffic we could not complete your request at this time. Please try again in a minute or two.\n";
&footer;
}

Since a visitor that is entering incorrect information keeps seeing the message (lie) above and thinks that the server is busy and doesn't know that he is entering the incorrect information, we should change it to:

sub error {
print "Location: "http://some-where-else.com/ \n\n";
# Might as well send them away because they aren't
# going to stay at this site
}


When you're looking for a new script, check to see that the very fist line ends with -w (ie. #!/usr/bin/perl -w (preferrably -wT)).

Your error log would have had a lot more to say if warnings (-w) had been enabled in this script.

If you plan on using freeware CGI scripts but don't know enough to debug them, at least make sure that the script has warnings enabled (-w) and uses the "strict" pragma.

such as:

#!/path/to/perl -w

use strict;


This shows that the programmer at least attempted to write solid code.

And, if the script won't run using taint checking (-T), such as,

#!/path/to/perl -wT

use strict;

it probably means that the script MAY have the capability to access information that you would rather not be accessed or destroy information that you would rather not be destroyed.



BigRich



William_H
Deleted

Jan 21, 2001, 9:42 AM

Post #3 of 3 (420 views)
Re: Script problem (Reward to the one who solves it) [In reply to] Can't Post

Thanks for the help but i still get the 500 internal server error code. I run other cgi scripts in the same directory which works just fine, so the only possibility is error in script.

No, i didn't pay for the script, it is a copy of the script EasySearch which i have edited heavily. (Mostly on design, not too much hard code) I am fairly new to Perl so i must have done something wrong. PHP is my game. :)

I see the problem with the routine for saving statistics, so i removed this. I can integrate this script again at a later time, and replace the keywords value with the words value which is correct. When (if) i get the script to run i can try to add more functions, and if i do it wrong it no bigger problem than just undo.

I see you are a experienced perl programmer, wouldn't you fix it for me? It's a permanent high ranking link from Altavi.com in it for you if that is okay.

I have packed all the files in a ZIP file, you can find it here: http://www.altavi.com/search.zip

Also, i updated query.txt with the latest changes.


I want you to know that even if you don't help further, thanks anyway for you time! I really appreciate it!


William
altavi@altavi.com
ICQ: 101120901


 
 


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives