homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Gold Sponsor 2015!
Home / Forums Index / Code, Content, and Presentation / Perl Server Side CGI Scripting
Forum Library, Charter, Moderators: coopster & jatar k & phranque

Perl Server Side CGI Scripting Forum

How to call an external script and get the error message (if any)?
...and should I be using do(), system(), backticks?

WebmasterWorld Senior Member 10+ Year Member

Msg#: 4114850 posted 6:33 am on Apr 13, 2010 (gmt 0)

My web application has various *cgi files which call 'authenticate.pl' to make sure the user should really be able to execute the file. I've been calling that script with do('authenticate.pl'), but I just discovered that if an open() command in that script fails, the or die... part doesn't get written to the web browser. (Yes, I printed the content header.)

So do I need to do something special to make sure the error prints, or should I be using some other way of calling the authentication script in the first place, such as system() or backticks? I thought do was a "cleaner" way of calling external scripts (best practices, because less possibility of security issues), so that's why I started with that. But I'll switch if that's the best way to do it.



WebmasterWorld Senior Member 5+ Year Member

Msg#: 4114850 posted 11:34 am on Apr 14, 2010 (gmt 0)

If you just want the error messages to be printed to the browser, you might succeede with putting

use CGI::Carp qw(fatalsToBrowser);

in your original scripts.
"do" will run the perl code, but not in an external process, which system() or backtics will. If you switch to that, you'll have to catch errors from the authentication script and work with them to find out if auth is fine. Also, you can't read and set variables of your script.
I'd stick with "do" (or "require"), but handle it a bit cleaner, make the authentication a sub routine that returns status (1 = authed, 0 = failed) and an optional message that indicated why authentication failed. Then handle that however you want to (show public data only, print the message and exit, insult the user or whatever)


5+ Year Member

Msg#: 4114850 posted 4:48 pm on Apr 19, 2010 (gmt 0)

If you want to call the authenticate.pl script but not halt all processing of the calling CGI, you could put the do('authenticate.pl') call in an eval block. Depending on what you are reading/doing with authenticate.pl, this might not be safe enough, but it will let you safely catch and then parse, display, etc. any 'die' errors thrown from authenticate.pl.

Alternatively, I would consider doing something similar to what janharders suggested and set things up so you can just set error codes or flags from an authentication routine and display appropriate messages to those that should see them. Die'ing in a CGI can get kind of messy very quickly ;)

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / Perl Server Side CGI Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved