Link to home
Start Free TrialLog in
Avatar of sybe
sybe

asked on

IIS4 and perlscripts that write to a file

I got my perlscripts running on IIS4, they respond ok to the browser.
But the scripts that are supposed to write to a file with this code:

open(OUTFILE, ">bla.txt");
print (OUTFILE "test\n");
close(OUTFILE);

Just don't write to the file. There is no error message.

print "Content-type: text/html\n\n";
print "here we are";

After the writing statement gives the right output to the browser.

Also when the script is run from the command prompt it works ok.

I checked security, and I don't think there is a problem there.
ASKER CERTIFIED SOLUTION
Avatar of b2pi
b2pi
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sybe
sybe

ASKER

Now this is an interesting suggestion, When I do as you say, the code is as follows:
=======================
#!usr/local/bin/perl

open(OUTFILE, ">>/Inetpub/scripts/perl/test2/bla.txt") || die "Content-type: text/html\n\n$!\n\n";
print (OUTFILE "test\n");
close(OUTFILE);

open(READFILE, "/Inetpub/scripts/perl/test2/bla.txt");
$line = <READFILE>;
close(READFILE);

print "Content-type: text/html\n\n";
print "$line<BR>\n";
print "here we are";
============================

and the response in the browser is:

"Permission denied "


Using the code that I had before:
========================
#!usr/local/bin/perl

open(OUTFILE, ">>/Inetpub/scripts/perl/test2/bla.txt");
print (OUTFILE "test\n");
close(OUTFILE);

open(READFILE, "/Inetpub/scripts/perl/test2/bla.txt");
$line = <READFILE>;
close(READFILE);

print "Content-type: text/html\n\n";
print "$line<BR>\n";
print "here we are";
============================

The response in the browser is:

phrase from bla.txt
here we are

==========================

So it might after all be a permission thing.

What permissions are needed on NT ??

Avatar of b2pi
b2pi
Flag of United States of America image
Clearly, you don't have write permissions.  Let me guess... the script works if you run it from the command line, but not if you run it from the server, right?  So the question is, what is the current directory when you're running from the server, and who cares, as you don't have write permissions there.  Thus, open the file in a directroy where you have write permissions.... (Ummm, for instance, the one you're in when you're running the script manually from the command line..., or /tmp, or the value of $ENV{tmp} or the value of $ENV{temp} or ....


Avatar of sybe
sybe

ASKER

When I give everyone -> full control, it works, now it's only a matter of denying what rights are not needed.

Thanks, it helped me a lot.

What does

|| die "Content-type: text/html\n\n$!\n\n

exactly do ? display the error message ?
so $! is the error message
Avatar of b2pi
b2pi
Flag of United States of America image
$! is indeed the error message.

But!!!! STOP!!!!!!!!!!!!!!!!!!!! STOP!!!!!!!!!!!!!!!!!!!!STOP!!!!!!!!!!!!!!!!!!!!STOP!!!!!!!!!!!!!!!!!!!!STOP!!!!!!!!!!!!!!!!!!!!
DO NOT GIVE EVERYONE FULL CONTROL!!! If you do, some nice person from the outside world could easily come in and take you down.  Hard!!!!  Instead, give everyone
full control to, say, C:\temp, and open the files there...

open (OUTFILE, ">>/temp/bla.txt") || die ....

You never want anyone writing to that scripts directory.  A better solution is to find out who the user is when executing cgi scripts (I can't remember for IIS, but it may well be "NOBODY") and give that user write rights to a data directory, which no-one else has write-rights to.