Subscribe to
the Possibilities Ezine

Subscription Terms of Service
Privacy Policy

Most Recent
Software Additions

Go Short URL

Create short URLs with your own control panel, on your own server, and all your short URLs will have your own domain name.

Secure View and Remove

Remove the data from your secure server safely, without compromising your customer's trust.

Survey Lite

Provides an opportunity for your visitors to give you feedback on the subjects you want to hear about.

Attention Ticker

Scrolling text banner is perfect for special offers... news feeds... syndication to other sites ...

Viewing Files in Your CGI Directory

If you should find yourself wanting to monitor a log file or database in your CGI directory, yet don't want to download the file every time just to view it, this article contains an answer.

This can also be a solution in situations where you have a client who can't use FTP yet wants to view data files in the CGI directory.

On most servers, only CGI scripts may be accessed in the CGI directory. Other files are forbidden to browsers. This ten-line Perl program, however, will display any plain text file in the CGI directory (including Perl CGI programs):

#!/usr/bin/perl
use strict;
my $File = 'data.txt';
print "Content-Type: text/html\n\n<html><body><pre>";
open R,"<$File";
my $p = join '',<R>;
close R;
$p =~ s/\</\<\;/g;
$p =~ s/\>/\>\;/g;
print "$p</pre></body></html>";

Ensure the first line points to Perl on your server and the third line specifies the file you want to view. If the file is in a directory other than where the program is installed, the directory path must also be specified.

Name the script whatever you want, so long as it has the file extension your server expects for CGI programs. Upload the script, set permissions to 0755, and type the script's URL into your browser. Example:

http://domain.com/cgi-bin/script.cgi

Bookmark the URL and you can use your browser to view the file whenever you desire.

Admittedly, the above program is limited in that it will display only one specific file. It is, however, secure. If anyone should happen upon your URL, the only file they can view is the one the script will display.

If you have only a few files for display in your browser, you may wish to upload a copy of the above program for each file (just change the third line of the scripts). However, if you have numerous files for display or would rather have a more sophisticated program, you'll find a solution below.

Because the next program will display files that you name in the program's URL, two security issues are addressed:

1. A password is required to view a file. When a file is requested, the password must be sent with the request. The page is displayed only if the sent password matches the password specified in the script. Without this feature, anyone having the URL to your script could view any file in your CGI directory.
    
2. Only files in the directory and sub-directories where the program is installed may be viewed. If the URL to your script is obtained and your password found out, this feature prevents viewing files in other locations, some of which might contain sensitive information.

Here is the script:

#!/usr/bin/perl
use strict;
my $Password = 'myPW';
my($PW,$File) = split /\=/,$ENV{QUERY_STRING},2;
print "Content-Type: text/html\n\n<html><body>\n";
if($File) { &PrintFile; }
else { &PrintInstructions; }
print '</body></html>';

sub PrintFile
{
	unless($PW eq $Password)
	{
		print '<h4>Boo!</h4>';
		&PrintInstructions;
		return;
	}
	my $currentdir = $ENV{SCRIPT_FILENAME};
	$currentdir =~ s!^(.*)/.*?$!$1!;
	if($currentdir =~ /\w/) { $currentdir .= '/'; }
	else { $currentdir = ''; }
	$File =~ s!^[./]+!!;
	$File = "$currentdir$File";
	unless(open R,"<$File")
	{
		print "<h4>Couldn't open file $File</h4>";
		&PrintInstructions;
		return;
	}
	my $p = join '',<R>;
	close R;
	$p =~ s/\</\<\;/g;
	$p =~ s/\>/\>\;/g;
	print "<pre>$p</pre>\n";
} # sub PrintFile

sub PrintInstructions
{
	print <<END_OF_INSTRUCTIONS;
<center><h3>I N S T R U C T I O N S</h3></center>
<p>Type the URL of the script into your browser, 
followed by ?PASSWORD=FILENAME</p>
<p>Replace PASSWORD with the password you specified 
in the script. Replace FILENAME with the file name 
of the file you want to view. If the file is in a 
directory other than where the script resides, the 
file name must include the directory path relative 
to the script.</p>
<p>For example, if your password was "myPW" and 
your file was "data.txt," the URL would be:</p>
<pre>
http://domain.com/cgi-bin/script.cgi?myPW=data.txt
</pre>
END_OF_INSTRUCTIONS
} # sub PrintInstructions

# END OF SCRIPT

Ensure the first line points to Perl on your server and the third line specifies your password.

Give the script any acceptable file name and upload it. Set permissions to 0755. Then type the program's URL into your browser.

The program will present instructions.

There you have it, a nice little utility that can be invaluable in certain situations. You may want to save this article or remember WillMaster.com as the source for this and many other programs.

Question: Did you find this article interesting and understandable? How can it be improved? Your response is anonymous. When done typing, click anywhere outside the box. [more info]

Type your response here. Thank you.

Powered by "Real Time Reader Feedback" from WebSite's Secret.

Will Bontrager
©2001 Bontrager Connection, LLC

Please note: Articles on this website are presented "as is". However -

If you have a question about a CGI script, HTML, CSS, PHP, or JavaScript
Ask one of our Experts and you'll have your answer!
Click here for details.

© 1998-2001 William and Mari Bontrager
© 2001-2008 Bontrager Connection, LLC