Gossamer Forum
(Advanced Search)
for
Home : General : Perl Programming :

Printing images and html together?

Jul 28, 2002, 8:40 AM
Paul
Veteran (19537 posts)
Jul 28, 2002, 8:40 AM
Post #1 of 11
Views: 7049
Shortcut
Quote Reply
Printing images and html together?
Is it possible to print a gif and html code on one page?....ie I can do:

print "Content-type: image/gif\n\n";
print $code;

or...

print "Content-type: text/html\n\n";
print $code;

...but I need to print the image inside the html...is this possible?
Jul 28, 2002, 9:17 AM
Wil
Veteran / Moderator (4108 posts)
Jul 28, 2002, 9:17 AM
Post #2 of 11
Views: 6839
Shortcut
Quote Reply
Re: [Paul] Printing images and html together? In reply to
What you are asking is not really a Perl question. It's a question about the HTTP protocol.

A web server sends one header with each browser request. Therefore, you can not mix and match data within a specific HTTP header. Once you've set an image/gif header then you're stuck with it. All the data after that header is expected by the browser to be image/gif until the connection is closed.

Your only solution would be to send a text/html header and then incorporate your image into your webpage using HTML tags. The image will then be requested by the browser.

I suggest you read RFC 2616 (ftp://ftp.isi.edu/in-notes/rfc2616.txt) which should give you more detailed information about the HTTP 1.1 specification.

- wil
Jul 28, 2002, 11:13 AM
Paul
Veteran (19537 posts)
Jul 28, 2002, 11:13 AM
Post #3 of 11
Views: 6868
Shortcut
Quote Reply
Re: [Paul] Printing images and html together? In reply to
I figured it out...for anyone interested....

Code:
#!/perl/bin/perl
#==========================================================

use strict;
use CGI qw/:param :header/;
use CGI::Carp qw/fatalsToBrowser/;

param('img') ? img() : main();

#==========================================================

sub main {
#----------------------------------------------------------
# Print the html.

print header();
print q|<img src="test.cgi?img=title.gif">|;
}

sub img {
#----------------------------------------------------------
# Read and print the image.

my $path = "/apache/htdocs/images/desk/@{ [ param('img') ] }";

open IMG, "<$path" or die "Can't open $path: $!";
binmode IMG;
read IMG, my $bin, -s IMG;
close IMG;

print header('image/gif');
print $bin;
}

Last edited by:

Paul: Jul 28, 2002, 11:15 AM
Jul 28, 2002, 2:36 PM
Alex
Administrator (9387 posts)
Jul 28, 2002, 2:36 PM
Post #4 of 11
Views: 6861
Shortcut
Quote Reply
Re: [Paul] Printing images and html together? In reply to
But if you do end up using that (or anyone copying it), make double sure to check your form input before passing it to open. =)

Cheers,

Alex
--
Gossamer Threads Inc.
Jul 28, 2002, 4:14 PM
Paul
Veteran (19537 posts)
Jul 28, 2002, 4:14 PM
Post #5 of 11
Views: 6852
Shortcut
Quote Reply
Re: [Alex] Printing images and html together? In reply to
I almost edited the post after I made it because I knew someone would point that out...it was just my test script to make sure it worked and not the actual code....although it is for an installation script which is deleted when installation is complete so it isn't really an issue.

But it would just print a dead image if you tried to print anything other than an image wouldn't it?

Last edited by:

Paul: Jul 28, 2002, 4:14 PM
Jul 28, 2002, 4:48 PM
Alex
Administrator (9387 posts)
Jul 28, 2002, 4:48 PM
Post #6 of 11
Views: 6869
Shortcut
Quote Reply
Re: [Paul] Printing images and html together? In reply to
Yup, I was more concerned about someone copying it. It would display a dead image, but if you used something like lynx -source to get the output you could view a users passwd file. Try:

lynx -source http://yourdomain/.../../../../etc/passwd

Cheers,

Alex
--
Gossamer Threads Inc.
Jul 29, 2002, 5:32 AM
Michael_Bray
User (378 posts)
Jul 29, 2002, 5:32 AM
Post #7 of 11
Views: 6823
Shortcut
Quote Reply
Re: [Alex] Printing images and html together? In reply to
But the path ""/apache/htdocs/images/desk" was hard coded, so they couldn't go back beyond that could they?
Cheers,
Michael Bray
Jul 29, 2002, 7:12 AM
Paul
Veteran (19537 posts)
Jul 29, 2002, 7:12 AM
Post #8 of 11
Views: 6833
Shortcut
Quote Reply
Re: [Michael_Bray] Printing images and html together? In reply to
I guess they could using ../../../blah as the path, but it was on windows so they wouldn't be getting my passwd file Cool
Jul 29, 2002, 6:34 PM
widgetz
Veteran (2260 posts)
Jul 29, 2002, 6:34 PM
Post #9 of 11
Views: 6858
Shortcut
Quote Reply
Re: [Alex] Printing images and html together? In reply to
or..

test.cgi?img=boo;%20rm%20/home/paul/public_html/index.html;%20owned%20>%20/home/paul/public_html/index.html

Wink
Jul 29, 2002, 6:38 PM
Alex
Administrator (9387 posts)
Jul 29, 2002, 6:38 PM
Post #10 of 11
Views: 6807
Shortcut
Quote Reply
Re: [widgetz] Printing images and html together? In reply to
Can't do that as the file open mode is forced to read so it doesn't go to shell.

Cheers,

Alex
--
Gossamer Threads Inc.
Jul 29, 2002, 6:47 PM
widgetz
Veteran (2260 posts)
Jul 29, 2002, 6:47 PM
Post #11 of 11
Views: 6820
Shortcut
Quote Reply
Re: [Alex] Printing images and html together? In reply to
doh.

well yea.. the thing you mentioned reminds me of http://try2hack.nl level 8.

uses the same type of exploit.