TD's
Tidbits Page page last updated Wednesday, 08-Nov-2000 19:04:50 EST
TD's
Tidbits Page
page last updated Wednesday, 08-Nov-2000 19:04:50 EST
This section is for brief instructional
comments/answert to questions I have posted on various messageboards to help others. In
some cases I have expanded upon these comments and made full articles elsewhere on the
site. To ask me CGI questions please visit the forum.
- TDavid
Adding a "page last updated" using SSI
.htaccess .htpasswd withOUT Telnet access
Executing SSI
Permissions Explained
Displaying IP address in browser
404 Redirecting Using .htaccess and ErrorDocument
Great books on how to program in CGI and Perl
Generating Random Passwords
New! Test for environment variables
SSI to do "page last updated on ..."
If you can run Server Side Includes (SSI) on your website (you probably
can if you can run other CGI scripts), then you can quickly and easily add the time you
last updated your page with one small SSI tag. Try this and see if it works:
1. Using your HTML editor of choice open up the file where you want to include the
"Page Last Updated" and at the spot where you want the date and time put, place
the following SSI tag:
<!--#flastmod file="yourpagename.shtml" -->
2. Make sure that you change the yourpagename to the name of the page you are on and you
might (or might not) have to save the page as .shtml instead of .html. (NOTE: if you are
with Netpond Hosting you *will*). Also note that the spacing of the above statement is
imperative. There must be a space between the " and the - after your filename.
I have a working example of this on my beta script page located at http://www.tdscripts.com/test.shtml.
(Note: A complete SSI tutorial is available at http://www.tdscripts.com/ssi.html)
.htaccess and .htpasswd to make encrypted passwords without Telnet access
You can use your FTP program to make a directory.
You can create an .htaccess and .htpasswd file using Microsoft Notepad or Wordpad. Here is
an example of what to cut and paste into the .htaccess file (don't include the #--->):
#---------begin--------------->
AuthUserFile
/web/sites/yournetpondaccountname/yourwebsite/yourdirectorytoprotect/.htpasswd
AuthName "Title of my protected directory"
AuthType Basic
<Limit GET>
order deny,allow
require valid-user
</Limit>
#-----------end------------------>
Now save this file as TEXT only naming it ".htaccess" -- (by the way, notepad or
wordpad might rename it .htaccess.txt which will make it not work, so make sure to rename
this if it does add the .txt extension)
Now you need to create your .htpassword file which includes an encrypted password. I have
a freeware backdoor program which you can use from your browser for single word password
encryption so that you don't have to use Telnet. You can access it by typing into your
browser (replace PASSWORD with the password you want to use):
http://www.tdscripts.com/cgi-bin/bouncer.cgi?react=crypt&password=PASSWORD
Now in the empty notepad file type the login id you want to use. For example I want to use
franklin and then use the : symbol and then cut and paste the encrypted password after the
: (for example, franklin with the encrypted PASSWORD -- would look like this:)
franklin:sai3gAJK84MO2
Now save the above file with your login:encryptepassword as .htpasswd in TEXT mode and FTP
in ASCII to the directory you want to protect along with the .htaccess file you created.
Now try to login from your browser to your directory and you will see that until you use
the proper login and pw) you will be denied access.
Executing Server Side Includes (SSI) syntax:
For executing scripts using SSI just insert the following:
<!--#exec cgi="/cgi-bin/scriptname.cgi" -->
The spacing above is mandatory. There must be a space between the trailing " and the
first - . On Netpond Hosting, as well as some others, in the default configuration, you
must name your .HTML files as .SHTML
Hope this helps, if not drop me a line :)
Permissions Explained in English
Permissions indeed can be a puzzling concept, but they really are quite easy. Here is a quick explanation what those permissions numbers mean:
4 = (Read)
2 = (Write)
1 = (Execute)
You add the numbers together to come up with the necessary permission.
In the format: OWNER - OWNERS GROUP - EVERYONE ELSE
So if you need a script executable you would make it:
7 = (the owner is the script and must be able to read, write and execute)
5 = (the owners group only needs to execute and read)
5 = (everyone else in the browser world needs only to read and execute not write to your
executable script)
Thus, if one sets a scripts permissions to 766, he is essentially saying that the script can read and it can write but it cannot EXECUTE. Not the best permission setting for a script that must be executed from the browser :)
Most of the time when you are configuring scripts on the market you must set files ending in .cgi or .pl to 755 and directories or files where the script must be able to create, delete and edit to 777. If you do not need access to a particular file (IE. to change it manually) than you can allow the script to create with amenable permissions, like 640, such as logfiles that you won't need to accesss. One neat thing about UNIX is if a file doesn't exist UNIX will create it with its own permissions, but sometimes this will create permissions that prevent you from accessing these files and the only way to fix could be to have the script change the permissions.
IP Address displayed in browser, not in text box -- how?
One of the downfalls of javascript is people can turn it off in their browser, thus
rendering your script useless. There is a (almost as easy) way to do this with a Server
Side Includes (SSI) though, and it isn't as easy to defeat.
Use an SSI call. Here is the CGI necessary. Put the code at the very bottom of this
message in a text file and call it ip.cgi. FTP this to your CGI-bin in ASCII. Set the
script permissions to 755. Call this script as an SSI. Use the following syntax to call
this script where you want the ip address displayed:
<!--#exec cgi="/path_to_your_cgi-bin/ip.cgi" -->
Replace the path_to_your_cgi-bin with the relative path to your cgi-bin. In other words if
you use http://www.yourdomain.com/cgi-bin/ip.cgi to get to the script you just
FTP, then your relative path would be "/cgi-bin/ip.cgi".
Ok, here is the code below, and the syntax is strict:
#!/usr/bin/perl
print "Content-type: text/html\n\n";
$ip = $ENV{'REMOTE_ADDR'};
print "This is your $ip";
404
Redirecting using .htaccess and ErrorDocument
Create a text file and name it .htaccess. Now let's say you want to redirect any 404 on
your entire site you would FTP this file into the root www directory.
IE. /home/youraccountname/www/
now everything *below and inside* that directory (files, directories, etc.) are affected
by the contents of this .htaccess file.
IE. /home/youraccountname/www/anydirectory1/members/anydirectory2/htmlpage.html
If I went looking for a webpage that didn't exist in any of the directories above, I would
be redirected to the 404 page you chose in the .htaccess above.
Now let's say you want to have multiple 404 pages. One way to do this is to redirect all
your 404 to a cgi-script which will determine the referrer and redirect from there, but
another less complicated way is using multiple .htaccess files in multiple directories.
For instance if someone looked for a page in anydirectory2 and it wasn't there you wanted
to send them to your members help page because if he was in anydirectory2 that would mean
he was in your members area (and thus mean that he is not a visitor, but a member of your
website). You would upload your .htaccess file with the ErrorDocument statement pointing
to your members help in the members directory.
You can also configure 500 errors so that if you have a friendlier message than
"internal server error", or 403 if someone tries to access a forbidden place
(shame shame shame), or how about 401 help page for those that enter the wrong
username/password combo (or possibly send them to console hell if it is a repeated 401
from the same IP, f@*$ off and die password hurlers!)
Books (Great!) on how to program in Perl
Thanks
for posting, there are many other Webmasters out there who would like to learn Perl but
have probably picked up some of the more tech-only type Perl books (the ones with the
Llama on the front). I wish to add to your thread another excellent book that no beginning
Perl programmer (or Webmaster interested in programming in Perl) should be without. This
is indispensible for your library.
Perl and CGI For
The World Wide Web
by
Elizabeth Castro
Honestly, I learned the most from this book when I was getting started
than any other. Plus it is currently only $15 (from Amazon)! (not $39.99 or $49.99), only
272 pages (that includes the index), currently is the number one best-selling book on Perl
and CGI, and is written in layman terms. You simply figure out what you want to do, goto
the appropriate page and Elizabeth shows you **visually** what code to use and what it
means.
You will still need the Llama books if you want to get into advanced Perl topics like
fuzzy logic (pattern matching).
In fact, the Visual Start *series* is the best I've read. Peachpit Press just released a
Visual Start book on Flash (segway from the posts down below), that I haven't read but
intend to pick up from Amazon soon.
Generating Random Passwords
Do you always hate trying to think up decent secure passwords? I have a
freeware script you are welcome to bookmark and use for a random 8 digit letters/numbers
password that are secure:
http://www.tdscripts.com/cgi-bin/randompass.cgi
If you want to go one step further and see your random password encrypted then use this
link:
http://www.tdscripts.com/cgi-bin/bouncer.cgi?react=crypt&password=yourpasswordhere
Displaying environment variables
Do you need to test for environemnt variables? Slide this code into a text file and name it test.cgi
#!/usr/bin/perl[ home ] [ write TDavid ] [ php-scripts.com ] [ scriptschool ]
Copyright 1999-2000 TD Scripts.com All Rights Reserved