Solved

What do i change to make this cgi script.. recognize and prombt for "save as" upon clicking

Posted on 1997-07-24
9
253 Views
Last Modified: 2013-12-25
This cgi script is running now on my server

as you see it takes a password and delivers a .ra file

except right now the file comes up as text in the browser

i need the exact changes that would need to be made

to make the .ra file  prompt the

user for a "save as" and and then allow for download

of the song??  

exact detailed changes please!!!

#!/usr/bin/perl
#
# WEB900.PL (Verifies web900 codes)
#
# - Original script and file locking                  1/24/96 Bert Love
#
# - Modified the location of the challenge, good and bad HTML files for
# - security reasons. The $oordir variable is the out-of-reach directory.
# -                                          5/21/96      S. Thomas
#

#
# File locations
#
#      oordir      - Set this to the directory just out of reach of the web server directory.
#            - Conventionally, this is the directory just above public_html:
# /usr2
# /usr2/shane                        (this is oordir)
# /usr2/shane/public_html            (this is the top of the HTTP dirs)
# /usr2/shane/public_html/cgi-bin

$oordir = '/usr/home/igor3000/webauth';
$webfile = "/$oordir/web.data";
$formfile = "/$oordir/webchall.html";
$goodfile = "$oordir/song.ra";
$badfile = "$oordir/bad.html";
$logfile = "$oordir/web.log";

#
# You shouldn't need to touch anything below this line!
#

require "ctime.pl";
chop($date = &ctime(time));
$WEBLEN =  8;             # fixed record length in webfile

# copy the values of these environment variables
$method = $ENV{"REQUEST_METHOD"};
$type = $ENV{"CONTENT_TYPE"};

# if the script was called with the GET method,
#  output the form
if($method eq "GET") {
      &send_file($formfile);
      exit;
}

# check for the POST method and the HTML form's MIME-type
if($method ne "POST" || $type ne "application/x-www-form-urlencoded") {
      &system_error("Web authorization code must come from a Form\n");
      exit;
}

# read form data from standard input
%input_values = &break_input;

# convert from the strange URL syntax to normal ascii
#  and translate non-UNIX line endings to UNIX convention
$number = &normalize_query($input_values{"number"});
$email = &normalize_query($input_values{"email"});

# verify number is seven digits
if(length($number) != 7) {
      &system_error("Sorry, but that number is not valid\n");
      exit;
}

# open Web file for read/write and lock
unless(open(WEB,"+<$webfile")) {
      &system_error("Could not open web data file.\n");
      exit;
}
#flock(WEB, $LOCK_EX);
seek(WEB, 0, 0);

# open log file as append and lock
unless(open(WLOG,">>$logfile")) {
#        flock(WEB, $LOCK_UN);
      &system_error("Could not open log file.\n");
      exit;
}
#flock(WLOG, $LOCK_EX);
#seek(WLOG, 0, 2);

$goodbad=$badfile;
SEARCH:
for ($recnum = 0; read(WEB, $goodnum, $WEBLEN); $recnum++) {
      $goodnum =~ tr/0-9//cd;
      if($number eq $goodnum) {            # got the number
            $goodbad=$goodfile;
            seek(WLOG, 0, 2);            # make sure we're at end
            print (WLOG $date, "  ", $number, "  ", $email, "\n");
            seek(WEB, -$WEBLEN, 1);
            $goodnum =~ tr/0-9/x/;
            print WEB $goodnum;
            last SEARCH;
      }
      seek(WEB, $recnum*$WEBLEN, 0);
}

# unlock and close files
#flock(WEB, $LOCK_UN);
#flock(WLOG, $LOCK_UN);
close(WEB);
close(WLOG);
chmod(0666, $logfile);

# send the good or bad news
&send_file($goodbad);
exit;

##
## SUBROUTINES
##

# read CONTENT_LENGTH bytes from the standard input and decode
# the URL format input, breaking it into an associative array
# of HTML variable names and their values.
sub break_input {
      local ($i);
      read(STDIN,$input,$ENV{'CONTENT_LENGTH'});
      @form_names = split('&',$input);
      foreach $i(@form_names) {
            ($html_name,$html_value) = split('=',$i);
            $input_values{$html_name} = $html_value;
      }
      return %input_values;
}

# handle system errors
sub system_error {
      local($errmsg) = @_;
      &print_header("System Error");
      print $errmsg;
      &print_footer;
}

# given a title, print the return header
sub print_header {
      local($title) = @_;
      print "Content-type: text/html\n\n";
      print "<HTML>\n";
      print "<HEAD>\n";
      print "<TITLE>$title</TITLE>\n";
      print "</HEAD>\n";
      print "<BODY>\n";
      print "<H1>$title</H1>\n";
}

# finish off HTML page
sub print_footer {
      print "</BODY>\n";
      print "</HTML>\n";
}

# URL syntax converts most non-alphanumeric characters into a
# percentage sign, followed by the character's value in hex.
sub normalize_query {
      local($value) = @_;
      $value =~ tr/+/ /;
      $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
      return $value;
}

# send specified HTML file
sub send_file {
      local($file) = @_;
        unless(open(FILE,$file)) {
            &system_error("Failed to open file $file\n");
            exit;
      }
      print "Content-type: text/html\n\n";
      while (<FILE>) {
            print;
      }
      close(FILE);
}
0
Comment
Question by:igor3000
  • 5
  • 3
9 Comments
 
LVL 2

Expert Comment

by:Voodoo
Comment Utility
The content-type header you return for the .ra files should not be text/html. Make it this instead:

print "Content-type: audio/x-realaudio\n\n";

That is the right header for .ra files.

0
 

Author Comment

by:igor3000
Comment Utility
i do not wish the program to load to "viewer"

i wish it to prompt a "save to hard drive"

this is not just for .ra files but for all audio files

and some of them  will be zipped

please give further detailed instructions


0
 
LVL 2

Expert Comment

by:Voodoo
Comment Utility
Then change the return header to:

print "Content-type: application/octet-stream\n";
print "Content-Disposition: inline; filename=$filename\n\n";

$filename can be used to indicate what to save the file as on the users machine.
0
 

Author Comment

by:igor3000
Comment Utility
Below is the changes i made to the cgi

see what i did wrong . or suggest something more

because it's doing the same exact thing as before






#!/usr/bin/perl
#
# WEB900.PL (Verifies web900 codes)
#
# - Original script and file locking                  1/24/96 Bert Love
#
# - Modified the location of the challenge, good and bad HTML files for
# - security reasons. The $oordir variable is the out-of-reach directory.
# -                                          5/21/96      S. Thomas
#

#
# File locations
#
#      oordir      - Set this to the directory just out of reach of the web server directory.
#            - Conventionally, this is the directory just above public_html:
# /usr2
# /usr2/shane                        (this is oordir)
# /usr2/shane/public_html            (this is the top of the HTTP dirs)
# /usr2/shane/public_html/cgi-bin

$oordir = '/usr/home/igor3000/webauth5';
$webfile = "/$oordir/web.data";
$formfile = "/$oordir/webchall.html";
$goodfile = "$oordir/gimmecd.ra";
$badfile = "$oordir/bad.html";
$logfile = "$oordir/web.log";

#
# You shouldn't need to touch anything below this line!
#

require "ctime.pl";
chop($date = &ctime(time));
$WEBLEN =  8;             # fixed record length in webfile

# copy the values of these environment variables
$method = $ENV{"REQUEST_METHOD"};
$type = $ENV{"CONTENT_TYPE"};

# if the script was called with the GET method,
#  output the form
if($method eq "GET") {
      &send_file($formfile);
      exit;
}

# check for the POST method and the HTML form's MIME-type
if($method ne "POST" || $type ne "application/x-www-form-urlencoded") {
      &system_error("Web authorization code must come from a Form\n");
      exit;
}

# read form data from standard input
%input_values = &break_input;

# convert from the strange URL syntax to normal ascii
#  and translate non-UNIX line endings to UNIX convention
$number = &normalize_query($input_values{"number"});
$email = &normalize_query($input_values{"email"});

# verify number is seven digits
if(length($number) != 7) {
      &system_error("Sorry, but that number is not valid\n");
      exit;
}

# open Web file for read/write and lock
unless(open(WEB,"+<$webfile")) {
      &system_error("Could not open web data file.\n");
      exit;
}
#flock(WEB, $LOCK_EX);
seek(WEB, 0, 0);

# open log file as append and lock
unless(open(WLOG,">>$logfile")) {
#        flock(WEB, $LOCK_UN);
      &system_error("Could not open log file.\n");
      exit;
}
#flock(WLOG, $LOCK_EX);
#seek(WLOG, 0, 2);

$goodbad=$badfile;
SEARCH:
for ($recnum = 0; read(WEB, $goodnum, $WEBLEN); $recnum++) {
      $goodnum =~ tr/0-9//cd;
      if($number eq $goodnum) {            # got the number
            $goodbad=$goodfile;
            seek(WLOG, 0, 2);            # make sure we're at end
            print (WLOG $date, "  ", $number, "  ", $email, "\n");
            seek(WEB, -$WEBLEN, 1);
            $goodnum =~ tr/0-9/x/;
            print WEB $goodnum;
            last SEARCH;
      }
      seek(WEB, $recnum*$WEBLEN, 0);
}

# unlock and close files
#flock(WEB, $LOCK_UN);
#flock(WLOG, $LOCK_UN);
close(WEB);
close(WLOG);
chmod(0666, $logfile);

# send the good or bad news
&send_file($goodbad);
exit;

##
## SUBROUTINES
##

# read CONTENT_LENGTH bytes from the standard input and decode
# the URL format input, breaking it into an associative array
# of HTML variable names and their values.
sub break_input {
      local ($i);
      read(STDIN,$input,$ENV{'CONTENT_LENGTH'});
      @form_names = split('&',$input);
      foreach $i(@form_names) {
            ($html_name,$html_value) = split('=',$i);
            $input_values{$html_name} = $html_value;
      }
      return %input_values;
}

# handle system errors
sub system_error {
      local($errmsg) = @_;
      &print_header("System Error");
      print $errmsg;
      &print_footer;
}

# given a title, print the return header
sub print_header {
      local($title) = @_;
      print "Content-type: application/octet-stream\n";
      print "Content-Disposition: inline; filename=$filename\n\n";
      print "<HTML>\n";
      print "<HEAD>\n";
      print "<TITLE>$title</TITLE>\n";
      print "</HEAD>\n";
      print "<BODY>\n";
      print "<H1>$title</H1>\n";
}

# finish off HTML page
sub print_footer {
      print "</BODY>\n";
      print "</HTML>\n";
}

# URL syntax converts most non-alphanumeric characters into a
# percentage sign, followed by the character's value in hex.
sub normalize_query {
      local($value) = @_;
      $value =~ tr/+/ /;
      $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
      return $value;
}

# send specified HTML file
sub send_file {
      local($file) = @_;
        unless(open(FILE,$file)) {
            &system_error("Failed to open file $file\n");
            exit;
      }
      print "Content-type: text/html\n\n";
        while (<FILE>) {
            print;
      }
      close(FILE);
}

0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 2

Expert Comment

by:Voodoo
Comment Utility
You changed the wrong content type. Its the content type in &send_file that needs to be changed, not your HTML header content type.

Also, you can't just return a different content type header straight after another. I.e. you won't be able to return a HTML page, followed by a file.
0
 

Author Comment

by:igor3000
Comment Utility
>>You changed the wrong content type. Its the content type in >>&send_file that needs to be changed,
                         not your HTML header content type.

--i don't see where your talking about to try the changes
--could you please reprint the cgi (or portion) to make
-- the change at..

   >                      Also, you can't just return a different >content type header straight after another. I.e. you won't be >able
                         to return a HTML page, followed by a >file.

--why is this?


0
 

Author Comment

by:igor3000
Comment Utility
hello?

are you gonna answer my question?


0
 

Author Comment

by:igor3000
Comment Utility
it's really important that i get this modyfiled

cgi to run.. could you copy the portion

of the script .. make the changes and then reprint them in

so i get a reference to what it looks like


0
 
LVL 1

Accepted Solution

by:
wormzer earned 50 total points
Comment Utility
You changed the wrong one.  There's one at the very bottom of the script.  I would try also, dumping the second line (the disposition line..)  What that's trying to do is doubling the effort that you're going to here.  Try both... I could be wrong.


0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In this tutorial I will show you how to provide a dynamic RTF document on your website generated with data from your database. For this tutorial you will need Microsoft Word or WordPad, WhizBase and Microsoft Access. In this tutorial I will show …
In this tutorial I will show you how to make a simple HTML bar chart with the usage of WhizBase, If you want more information about WhizBase please read my previous articles at http://www.experts-exchange.com/ARTH_5123186.html (http://www.experts-ex…
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now