Home > Archive > PERL CGI Beginners > May 2004 > System()
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Octavian Rasnita 2004-05-22, 11:32 am |
| Hi,
I have tried:
system("zip", "-r", "archive", "*");
But this tells me that the file "*" cannot be found.
I guess the shell thinks that I want to pass the quoted string "*" and not
only the * character to match all files.
I have succeeded with:
system("zip -r \"archive\" *");
But I have seen that it is recommended for security reasons to use system()
with multiple parameters...
Thank you.
Teddy
| |
| Wiggins D Anconia 2004-05-22, 11:32 am |
| > Hi,
>
> I have tried:
>
> system("zip", "-r", "archive", "*");
>
> But this tells me that the file "*" cannot be found.
> I guess the shell thinks that I want to pass the quoted string "*" and not
> only the * character to match all files.
>
> I have succeeded with:
>
> system("zip -r \"archive\" *");
>
> But I have seen that it is recommended for security reasons to use
system()
> with multiple parameters...
>
This is done specifically for the reason you mention. Read the first
paragraph from the 'system' docs,
perldoc -f system
In the second form where you pass a single argument to 'system' the
shell metacharacter * is expanded to a list of files, in the first form
the metacharacter is not expanded. To simulate the metacharacter
expansion while in Perl you can use globbing to generate the list, then
pass that list as the last arg to system (careful of directories with
very large file lists).
perldoc -f glob
For more about globbing.
You may also want to read through
perldoc perlsec
Consider using a module from CPAN to do your zipping rather than
shelling out...
HTH,
http://danconia.org
|
|
|
|
|