[Lugge] Re: Un casino enorme da risolvere... (html & prog-execution - script)

  • From: "Zingus J. Rinkle" <1999s039@xxxxxxxxxxxxxxxxxx>
  • To: lugge@xxxxxxxxxxxxx
  • Date: Tue, 14 Jan 2003 03:23:34 +0100

> PS: allego script cgi di esempio per il piacere di grandi
> e piccini...  Come notera` chi se lo legge, la shell e`
> una specie di inferno per chi scrive cgi... E non e` sano
> immaginare che uno script shell non banale possa essere in
> qualche modo definito ``sicuro''...

Mo` lo faccio sul serio... E son cavoli vostri...
-- 
  _________  +-------------------------------------------------------+
\/   _____/ /  http://as0.da.ru  http://as1.da.ru      icq:164939262 |
ZJR _____/ |  alternative mailto:zingus_at_despammed.com             |
/\______/  +-------------------------------------- Zingus J. Rinkle -+
#!/bin/bash
echo -e "Content-Type:text/html\n\n"
echo -e "<html><head><title>stafava.cgi</title></head><body>"
echo "<hr>"
echo "<h4>Hello, I'm the \`\``basename $0`'' cgi running on 
\`\``hostname`''.</h4><br><hr>"
echo "<h4>You'll probably like to know I'm running as user:<br></h4>`id|sed 's/ 
/<br>/g'`<br><hr>"

cat <<END
<h4>You can supply me some arguments using this form</h4>
<a name="form1"><form method=GET action="#form1">
<table>
<tr><td>Text:</td><td><input type=text name=text1></td></tr>
<tr><td>Buttons:</td><td>
        1 <input type=radio name=radio1 value=1>
        2 <input type=radio name=radio1 value=2>
        3 <input type=radio name=radio1 value=3>
        4 <input type=radio name=radio1 value=4>
        5 <input type=radio name=radio1 value=5>
        6 <input type=radio name=radio1 value=6>
</td></tr>
<tr><td></td><td align=right><input type=submit value=GET></td><tr>
</table>
</form>
</a>
<br><hr>
END

echo "<h4>Here we have the arguments you supplied to me:</h4>"
echo "argv = \`\`$@''<br>";
echo "QUERY_STRING = \`\`$QUERY_STRING''<br>"
echo "<br><hr>"

cat <<END
<h4>You can POST me something using this form</h4>
<a name="form2"><form method=POST action="#form2">
<table>
<tr><td>Text:</td><td><input type=text name=text1></td></tr>
<tr><td>File:</td><td><input type=file name=file1></td></tr>
<tr><td>Buttons:</td><td>
        1 <input type=radio name=radio1 value=1>
        2 <input type=radio name=radio1 value=2>
        3 <input type=radio name=radio1 value=3>
        4 <input type=radio name=radio1 value=4>
        5 <input type=radio name=radio1 value=5>
        6 <input type=radio name=radio1 value=6>
</td></tr>
<tr><td></td><td align=right><input type=submit value=POST></td><tr>
</table>
</form>
</a>
<br><hr>
END


echo "<h4>And here follows what you POSTed to me:</h4>"
cat
echo "<br><hr>"


{
echo "<h4>Here follows your environment:</h4>"
set | sed 's/</\&lt;/g;s/>/\&gt;/g'
echo "<hr><h4>...and here what happens to be in this host's /tmp folder :</h4>"
ls -F /tmp 
} | sed 's/$/<br>/'

echo "</body></html>"

Other related posts: