Strange problem getting $ENV{'QUERY_STRING'} - perl

I'm having a strange problem here. I'm moving a (working) site to a new apache server to which I don't have direct access (I have to go through two people to get stuff done).
The site uses a perl script called adframe to parse html templates. The URLs with which it's called look like /cgi-bin/adframe/index.html?x=something with adframe being the script. The missing suffix never caused any real problems. But on this new Ubuntu server $ENV{'QUERY_STRING'} is always empty. $ENV{'REQUEST_METHOD'} shows up correctly as GET, but the query_string shows nothing ...
Regular *.cgi scripts show the query_string without problems.
From the logs I gathered that the server seems to be running fastcgi, mod_fcgid and the server doesn't even accept .pl as an extension for scripts. I don't have that much experience with server software, but I figured it might be a problem with the server not accepting adframe as a cgi script and thus not passing the query_string correctly ... Can anyone give me a few hints to where I could point the administrator or maybe something I could do in .htaccess myself? Anyway to make sure, adframe is recognized as a cgi script!? (if that's the problem ...)
Any help is appreciated!
thomas
EDIT: I found more details: The server seems to be running a VARNISH cache ... thats's the main difference to my usual configurations ...
Also, the way the script works is, if you call /cgi-bin/adframe/somedir/somefile.html?x=something, $ENV{PATH_INFO} tells which template to parse and $ENV{QUERY_STRING} is, well, the query string. Now the query string is empty, but if I call /cgi-bin/adframe?x=something (without any PATH_INFO), the query string shows up!
Does anyone have an idea what's going on here?
thanks!

Got it. The VARNISH cache strips all the query strings off static content (*.html etc) ... phew

Just ran into the same problem. I am complete newbie in perl scripting.
I tried following:
#values = split (/&/, $ENV{'QUERY_STRING'});
but it didn`t work
this worked:
#values = split (/&/, "$ENV{'QUERY_STRING'}");
just in case if other newbies have ran into the same problem.

Related

Tiki Net_LDAP2 class loading

I have a problem when I tried to integrate tiki with my LDAP server. In the test_ldap.php I wrote the code to debug according to this website (https://doc.tiki.org/LDAP%20authentication). This code returned a success. So I know that my LDAP is working fine. I have a problem at
$entry = Net_LDAP2_Entry::createConnected($this->_ldap, $this->_entry);
In the shiftEntry function in Search.php. When I return debug in here, it goes to ClassLoader.php and it go to
register_shutdown_function(function () {
TikiLib::events()->trigger('tiki.process.shutdown', []);});
In my opinion, maybe the problem is the
spl_autoload_call
The spl_autoload_call function called Net_LDAP2 which extends PEAR somewhere before this line in Search.php. This would lead both Net_LDAP2 and PEAR and PEAR_ERROR... Then when it comes to Net_LDAP2_Entry class, it would also load PEAR.... Would this create a fatal error?
I keep having blank screen in my tiki. Tried to cut the code from Search.php to the test_ldap.php to test. It has the same problem.
I am using:
Version 16.2
OS: Clear OS
Thanks for your help. I am blocked now.
I think this may be a good start: https://dev.tiki.org/item6283. If you look in the comments by albertgi he states changing some function names in PEAR.php. I was having LDAP integration problems and this was one of the key problems.

Selenium WebDriver with Perl

I am trying to run the Selenium driver with Perl bindings, and due to the lack of examples and documentation, I am running into some roadblocks. I have figured out how to do some basic things, but I seem to be running into some issues with other simple things like validating the text on a page using Remote::Driver package.
If I try to do something like this:
$sel->get("https://www.yahoo.com/" );
$ret = $sel->find_element("//div[contains( text(),'Thursday, April 26, 2012')]");
I get a message back that the element couldn't be found. I am using xpath because the driver package doesn't appear to have a sub specific for finding text.. at least not that I've found.
If my xpath setup is wrong or if someone knows a better way, that would be extremely helpful. I'm having problems with some button clicking too.. but this seems like it should be easier and is bugging me.
Finding text on a web page and comparing that text to some "known good value" using Selenium::Remote::Driver can be implemented as follows:
File: SomeWebApp.pm
package SomeWebApp;
sub get_text_present {
my $self = shift;
my $target = shift;
my $locator = shift;
my $text = $self->{driver}->find_element($target, $locator)->get_text();
return $text;
}
Somewhere in your test script: test.pl
my $text = $some_web_app->get_text_present("MainContent_RequiredFieldValidator6", "id");
The above finds the element identified by $target using the locating scheme identified by $locator and stores it in the variable $text. You can then use that to compare / validate as required / needed.
https is a tad slower loading than http. Although WebDriver is pretty good about waiting until it's figured out that the requested page is fully loaded, maybe you need to give it a little help here. Add a sleep(2); after the get() call and see if it works. If it does, try cutting down to 1 second. You can also do a get_title call to see if you've loaded the page you think you have.
The other possibility is that your text target isn't quite exactly the same as what's on the page. You could try looking first for one word, such as "April", and see if you get a hit, and then expand until you find the mismatch (e.g., does this string actually have a newline or break within it? How about an HTML entity such as a non-breaking space?). Also, you are looking for that bit of text anywhere under a div (all child text supposedly is concatenated, and then the search done). That would more likely cast too wide a net than not get anything at all, but it's worth knowing.

Customize Error Reporting via E-mail in Pylons

I am sending myself WebApp error reports from Pylons when users hit critical errors and I would love to be able to get the full output of session[] in the reports and customize it to my liking, but I've got no idea how to do that, or where the report is actually created / put together.
Anyone know how I can accomplish that?
The short answer is that you will have to roll your own for this functionality. WebError is the package used to handle this, and it doesn't provide any extension points. Your best bet may be to use a fork of it with your changes, although even then the code is not pretty.
I thank Michael for answering me, without really giving me anything to build on. That meant I had to figure it out myself, and that's always a good thing :)
What I did was, I looked at /config/middleware.py in my Pylons project and found this line:
app = ErrorHandler(app, global_conf, **config['pylons.errorware'])
I made my own ErrorHandler def and my own ErrorMiddleware class at the top of the middleware.py file:
class ClaraErrorMiddleware(ErrorMiddleware):
def exception_handler(self, exc_info, environ):
# do what ever you want with the exc_info or environ vars
super(ClaraErrorMiddleware, self).exception_handler(exc_info, environ) # call parent
pass
def ClaraErrorHandler(app, global_conf, **errorware):
if asbool(global_conf.get('debug')):
return ErrorHandler(app, global_conf, **errorware)
else:
return ClaraErrorMiddleware(app, global_conf, **errorware)
So now, I can throw in some extra variables I want to be sent with my error emails. Simple enough ...

How do I get the text-form verification code when doing auto site access in Perl?

I'm playing around with Win32::IE:Mechanize to try to access some authentication-required sites automatically. So far I've achieved moderate success, for example, I can automatically log in to my yahoo mailbox. But I find many sites are using some kind of image verification mechanism, which is possibly called CAPTCHA. I can do nothing to them. But one of the sites I'm trying to auto access is using a plain-text verification code. It is comnposed of four digits, selectable and copyable. But they're not in the source file which can be fetched using
$mech->content;
I searched for the keyword that appears on the webpage but not in the source file through all the files in the Temporary Internet Files but still can't find it.
Any idea what's going on? I was suspecting that the verification code was somehow hidden in some cookie file but I can't seem to find it :(
The following is the code that completes all the fields requirements except for the verification code:
use warnings;
use Win32::IE::Mechanize;
my $url = "http://www.zjsmap.com/smap/smap_login.jsp";
my $eccode = "myeccode";
my $username = "myaccountname";
my $password = "mypassword";
my $verify = "I can't figure out how to let the script get the code yet"
my $mech = Win32::IE::Mechanize->new(visible=>1);
$mech->get($url);
sleep(1); #avoids undefined value error
$mech->form_name("BaseForm");
$mech->field(ECCODE => $eccode);
$mech->field(MEMBERACCOUNT => $username);
$mech->field(PASSWORD => $password);
$mech->field(verify => $verify);
$mech->click();
Like always any suggestions/comments would be greatly appreciated :)
UPDATE
I've figured out a not-so-smart way to solve this problem. Please comment on my own asnwer posted below. Thanks like always :)
This is the reason why they are there. To stop program like yours to do automated stuff ;-)
A CAPTCHA or Captcha is a type of
challenge-response test used in
computing to ensure that the response
is not generated by a computer.
This appears to be an irrelevant number. The page uses it in 3 places: generating it; displaying it on the form next to the input field for it; and checking for the input value being equal to the random number chosen. That is, it is a client-only check. Still, if you disable javascript it looks like, I'm guessing, important cookies don't get set. If you can execute JavaScript in the context of the page (you should be able to with a get method call and a javascript URI), you could change the value of random_number to f.e. 42 and fill that in on the form.
The code is inserted by JavaScript – disable JS, reload the page and see it disappear. You have to hunt through the JS code to get an idea where it comes from and how to replicate it.
Thanks to james2vegas, zoul and Shoban.
I've finally figured out on my own a not-so-smart but at-least-workable way to solve the problem I described here. I'd like to share it here. I think the approach suggested by #james2vegas is probably much better...but anyway I'm learning along the way.
My approach is this:
Although the verification code is not in the source file but since it is still selectable and copyable, I can let my script copy everything in the login page and then extract the verification code.
To do this, I use the sendkeys functions in the Win32::Guitest module to do "Select All" and "Copy" to the login page.
Then I use Win32:Clipboard to get the clipboard content and then Regexp to extract the code. Something like this:
$verify = Win32::Clipboard::GetText();
$verify =~ s/.* (\d{4}).*/$1/msg;
A few thoughts:
The random number is generated by something like this in Perl
my $random_number = int(rand(8999)) + 1000; #var random_number = rand(1000,10000);
And then it checks if $verify == $random_number. I don't know how to catch the value of one-session-only $random_number. I think it is stored somewhere in the memory. If I can capture the value directly then I wouldn't have gone to so much trouble of using this and that extra module.

How can I read the URL-Data send with POST in Perl?

I'm trying to read out the POST-Data that was sent from a form in a page to my Perl Script. I googled and found out that:
read(STDIN, $param_string, $ENV{'CONTENT_LENGTH'})
reads out the whole Data-String with and writes the whole string to $param_string in the form of
Param1=Value1&Param2=Value2&Param3=Value3
by spliting it at the right places I get the necessary Data.
But I wonder why my $param_string is empty.
When I try the whole thing with GET:
$param_string = $ENV{'QUERY_STRING'};
everything works fine. Does anybody have an idea?
There absolutely no real reason for someone at your level to want to hand parse CGI requests.
Please use CGI::Simple or CGI.pm.
CGI.pm has a lot of baggage (HTML generation, function oriented interface) which makes CGI::Simple preferable.
Using any CGI processing module on CPAN is better than trying to write CGI processing code from scratch.
See parse_query_string in CGI::Simple for a way of accessing parameters passed using the query string when processing a form that is POSTed to your script.
If you want to learn how to do it right, you can read the source code of either module. Reading through the CGI.pm CHANGES file is also instructive.
If you are able to retrieve GET-data but not able to retrieve POST-data, most likely you forgot to change form method from to be post. You can check your submit method by using this condition in if statement:
if ($ENV{'REQUEST_METHOD'} eq "POST"){
read(STDIN, $param_string, $ENV{'CONTENT_LENGTH'});
}else {
$param_string = $ENV{'QUERY_STRING'};
}
Under mod_perl 2, Apache2::Request works for me.