📄 ch7.htm
字号:
<HTML>
<HEAD>
<TITLE>Chapter 7 -- Advanced Tasks for Perl</TITLE>
<META>
</HEAD>
<BODY TEXT="#000000" BGCOLOR="#FFFFFF" LINK="#0000EE" VLINK="#551A8B" ALINK="#CE2910">
<H1><FONT SIZE=6 COLOR=#FF0000>Chapter 7</FONT></H1>
<H1><FONT SIZE=6 COLOR=#FF0000>Advanced Tasks for Perl</FONT>
</H1>
<HR>
<P>
<CENTER><B><FONT SIZE=5><A NAME="CONTENTS">CONTENTS</A></FONT></B></CENTER>
<UL>
<LI><A HREF="#Forms">
Forms</A>
<UL>
<LI><A HREF="#FormattingReports">
Formatting Reports</A>
<LI><A HREF="#LoginandSecurity">
Login and Security</A>
<LI><A HREF="#Poker">
Poker</A>
<LI><A HREF="#FormtoUpdatetheMailingList">
Form to Update the Mailing List</A>
<LI><A HREF="#EmailRequestForm">
E-mail Request Form</A>
<LI><A HREF="#SimpleDatabaseManipulation">
Simple Database Manipulation</A>
<LI><A HREF="#TheAnimatedLogo">
The Animated Logo</A>
</UL>
<LI><A HREF="#Conclusion">
Conclusion</A>
</UL>
</UL>
<HR>
<P>
Beyond the simple tasks discussed in the previous chapter, Perl
can also be used to create more sophisticated scripts, such as
those that rely on multiple requests, or calls, for data from
the user. These scripts can also interact with several files on
the server to gather, leave, and change data. One of the best
methods of passing data to the Perl script is the use of the HTML
form.
<P>
In this chapter we will take a quick look at the HTML form. We
will then apply it to Perl to develop scripts that create reports;
accept letters to the editor and turn them into e-mail; and even
allow the user play a game of poker.
<H2><A NAME="Forms"><FONT SIZE=5 COLOR=#FF0000>
Forms</FONT></A></H2>
<P>
To pass data from a Web page to a Perl script over the Internet
you must use the Common Gateway Interface (CGI), one of a set
of specifications that allow different computer platforms to communicate
and use the same data. By far, the heaviest use of the CGI is
for the submission of HTML forms. All kinds of information can
be gathered and shared through the use of forms, including the
guestbook example that was developed in previous chapters.
<P>
If you are not familiar with the details of HTML forms, see Chapter
10 for an in-depth discussion.
<H3><A NAME="FormattingReports">
Formatting Reports</A></H3>
<P>
Originally, Perl was created to produce reports. Reports are used
to gather and organize data to help you update your Web site and
server. The many ways that reports can be used fall outside this
book's focus, but when dealing with Perl it doesn't seem right
not to mention at least one example of its ability to produce
reports. For example, consider
<BLOCKQUOTE>
<PRE>
#!/usr/bin/perl
# report.pl
format FILES =
+++++++++++++++++++++++++++++++++
| @<<<<<<<<<<<<< @<<<<<<<<<< |
$file, $size
+++++++++++++++++++++++++++++++++
.
foreach $file (<*.htm>) {
$size=($stat($file))[7];
write FILES;
}
</PRE>
</BLOCKQUOTE>
<P>
This script will get every .htm file in the current directory
and print its name and size in the format described by FILES.
The size of the field is determined by the size of the space reserved
for the variable contents; that is, the number of placeholders,
including the @ sign. If the contents are too long, they will
be truncated. The example above has a box around the name and
size and both fields are left-justified. To change the justification,
replace @<<<<<< with @>>>> for right-justified,
and @||||| for center-justified.
<H3><A NAME="LoginandSecurity">
Login and Security</A></H3>
<P>
You may require access restrictions on some of your Web pages.
Perl can provide various kinds of login setups to access these
pages. The following is a form and associated script that ask
for a user's name and password.
<BLOCKQUOTE>
<PRE>
<HTML>
<TITLE>Login:</TITLE>
<BODY>
<H1>Login:</H1>
<HR>
<P>
<FORM METHOD="POST" ACTION="http://www.myserver.com/cgi-bin/login.pl">
Please log in with your username and password:<P>
Username: <INPUT TYPE="TEXT" NAME="userid" SIZE=3Ø><BR>
Password: <INPUT TYPE="PASSWORD" NAME="password" SIZE=3Ø><BR>
<P>
<INPUT TYPE="SUBMIT" VALUE="Login">
<BR>
</BODY>
</HTML>
</PRE>
</BLOCKQUOTE>
<P>
This produces the page shown in Figure 7.1 and the associated
Perl script.
<P>
<A HREF="f7-1.gif" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/f7-1.gif"><B>Figure 7.1 :</B> <I>The password input page</I>.</A>
<BLOCKQUOTE>
<PRE>
#!/usr/bin/perl
# password.pl
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs=split(/&/, $buffer);
# This is the Name-Value pair splitter..
# Put into $FORM array
foreach $pair (@pairs) {
($name,$value)=split(/=/,$pair);
$value=~tr/+/ /;
$value=~s/%([a-fA-F0-9][a-fA-F0
9])/pack("C",hex($1))/eg;
$FORM{$name}=$value;
}
$found=Ø;
open(PASS, "passwd");
while ($line=<PASS>) {
($userid, $password)=split(/:/,$line);
if (($userid eq $FORM{userid}) && ($password eq
$FORM{password})) {
$found=1;
}
}
close(PASS);
if ($found==1) {
print "Location: http://www.myserver.com/secret.htm\n\n";
}
else {
print "Content-type: text/html\n\n";
print "<HTML>\n<BODY>\n<TITLE>Login Failed!</TITLE>\n";
print "<H1>Login Failed!</H1>\n<HR>\n<P>\n";
print " Your Userid and Password were invalid. Please click the";
print "<B>Back</B> button and try again.\n";
print "</BODY>\n</HTML>\n";
open(MAIL, "|mail sysadmin\@yourdomain.com");
print MAIL "Subject: Failed Password attempt!\n";
print MAIL "There was a failed password attempt!\n";
print MAIL "\nUsername: $FORM{userid}\n";
print MAIL "\nPassword: $FORM{password}\n";
print MAIL "Attempt from: $ENV{'REMOTE_ADDR'}\n";
close MAIL;
}
</PRE>
</BLOCKQUOTE>
<P>
The "Location" directive, when printed to the browser,
tells Perl to load a specified Web page. This saves you the trouble
of opening the Web page and printing it to the browser yourself.
However, if you can load the Web page this way, anyone else can
load it with the browser if he or she knows the URL, making it
a security risk, if you want to restrict access to that page.
<P>
The only way to limit the number of password tries through the
Web Form would be to limit it for everyone. If one person fails
three times, and the script shuts down the access, it affects
everyone who tries to access the Web page, legitimate or not.
The alternative is to mail the System Administrator if the attempt
fails, and send some useful information.
<P>
If the login fails, the server returns a page as shown in Figure
7.2.
<P>
<A HREF="f7-2.gif" tppabs="http://210.32.137.15/ebook/PC%20Magazine%20Programming%20Perl%205.0%20CGI%20Web%20Pages%20for%20Microsoft%20Windows%20NT/f7-2.gif"><B>Figure 7.2 :</B> <I>Failed login</I>.</A>
<P>
If you want a bit more security, you can store the pages you want
to protect from unwanted user access in a less easily accessible
directory and then have the program print the page line by line
to the browser if it has been authorized to do so. You might want
to protect a "members only" section of your site, where
different users have paid for the use of those Web pages and their
data. Also, the passwords are stored in plain text. WinPerl does
not have the crypt() option of its UNIX counterparts. For that
reason you cannot encrypt the password unless you create, or roll,
your own encryption algorithm. The passwd.pl file, never held
in a directory accessible by a Web browser, is just a plain text
file with the following format:
<BLOCKQUOTE>
<PRE>
userid1:password1
userid2:password2
</PRE>
</BLOCKQUOTE>
<H4>Logging</H4>
<P>
Not enough emphasis can be placed on developing the healthy practice
of logging and reading logs. With Windows NT, the program Event
Viewer is ideal for accessing all of your logs, as well as for
formatting them to render their data in the most effective way.
It is recommended that you regularly review the Security log,
System log, and Application log. In the Security log keep a special
watch out for the little lock icon, which signifies a failed attempt,
or audit. It can inform you whether someone is trying to snoop
around in your system. The lock icon is automatically applied
by Event Viewer.
<H4>Passwords</H4>
<P>
If you use passwords with your site, you might consider both posting
a short memo to your site regarding a good procedure for password
selection for your users to follow, and running a script regularly
on your users' password files to check for easily cracked passwords.
For more information on creating a good password selection memo
and other security concerns try
<BLOCKQUOTE>
<PRE>
<A HREF="javascript:if(confirm('http://www.yahoo.com/Computers_and_Internet/Security_and_Encryption/ \n\nThis file was not retrieved by Teleport Pro, because it is addressed on a domain or path outside the boundaries set for its Starting Address. \n\nDo you want to open it from the server?'))window.location='http://www.yahoo.com/Computers_and_Internet/Security_and_Encryption/'" tppabs="http://www.yahoo.com/Computers_and_Internet/Security_and_Encryption/">http://www.yahoo.com/Computers_and_Internet/Security_and_Encryption/
</A></PRE>
</BLOCKQUOTE>
<P>
If you are interested in running a password checking script, you
might look ahead to the next chapter where there is a basic Perl
script that looks for bad passwords.
<H3><A NAME="Poker">
Poker</A></H3>
<P>
Many sites benefit from the addition of a little relaxing fun,
like a poker game. This program allows you to create a poker game
of five-card stud to be played with the user. The script is designed
for expansion, so you can also include other game and betting
options.
<P>
The key to designing any kind of card game is to use associative
arrays and to create interesting graphics to be linked to each
element. This script does not come with its own card face graphics
or scoring system.
<BLOCKQUOTE>
<PRE>
#!/usr/bin/perl
# poker.pl
@orig=("h1","h2","h3","h4","h5","h6","h7","h8","h9","h1Ø","hjack","hqueen","hking");
# Shuffle the deck
for ($x=52; $x>Ø; x--) {
$w=int(rand($x))+1;
push(@deck, @orig[$w]);
for ($y=1; $y<=$x; $y++) {
if ($y != $w) {
@new=@new+$orig[$y];
}
else {
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -