
Scalars within the open() command?

I'm very new to Perl and CGI so please try to explain as best you can. I'm trying to make a script that will allow users to create a new file on my directory. I get an error that says something like 'Insecure dependency at open()'. The only problem is the scalar in the open() command. I know because when I remove the $ it works fine, creating a new file called name.html. I might have to chmod it, I don't know. Right now I'm using Windows98. (I'm learning Linux.) Please help, I am open to all suggestions, and please take it easy on me. :) Here is the script (in part):

#Start script

$name=$cgiobject->param("name");

#Some other scalars...

open (NEW ">$name.html") die "!$";

#Print some stuff...
#End of script

Please help. Thanks.
Check this out:

http://www.neopets.com/refer.phtml?username=scooby_dood

Re: [Scooby Dood] Scalars within the open() command?
Change:

open (NEW ">$name.html") die "!$";

to

open NEW, ">$name.html" or die $!;

You can read about open() in more detail here:

http://www.perldoc.com/...1/pod/func/open.html

Last edited by:

Paul: Jun 15, 2002, 11:48 AM

Re: [Paul] Scalars within the open() command?
Thanks, I'm not getting an error anymore. There is still one problem though. The script is naming it '$name.html' instead of whatever I put in the field '.html'. I double-checked the scalars and the form. What can I do to fix it?
Check this out:

http://www.neopets.com/refer.phtml?username=scooby_dood

Re: [Scooby Dood] Scalars within the open() command?
The code I provided uses " " ...if it is naming it $name.html you must be using ' '

Last edited by:

Paul: Jun 15, 2002, 12:09 PM

Re: [Paul] Scalars within the open() command?
Yes, but when I use "" it gives me the same error. That's why I changed it.
Check this out:

http://www.neopets.com/refer.phtml?username=scooby_dood

Re: [Scooby Dood] Scalars within the open() command?
Can you paste the exact error please.

Re: [Scooby Dood] Scalars within the open() command?
The thing you want to do is very insecure. That's why you get the "insecure dependency" error. And this is good.

It happens when the tainting mechanism is turned on, either by a -T, or when you are running setuid or setgid (quote from Programming Perl)....

Ivan
-----
Iyengar Yoga Resources / GT Plugins

Re: [yogi] Scalars within the open() command?
yogi, I'm using Windows98, so I don't know if there is anything I could do. Would using this script be a danger to my website? And is there anything I can do about it on Windows?

Here is the exact error:

Status: 302 Found Location: /bin/error?error=Your%20script%20produced%20this%20error%3A%20Insecure%20dependency%20in%20open%20while%20running%20setgid%20at%20.%2Fpostapage.cgi%20line%2016.%0A URI: /bin/error?error=Your%20script%20produced%20this%20error%3A%20Insecure%20dependency%20in%20open%20while%20running%20setgid%20at%20.%2Fpostapage.cgi%20line%2016.%0A Content-type: text/html

It says something like:

Status: 302 Found Location: /bin/error?error=Your script produced this error: Insecure dependency in open while running setgid at postapage.cgi line 20.
Check this out:

http://www.neopets.com/refer.phtml?username=scooby_dood

Re: [Scooby Dood] Scalars within the open() command?
Above the open() command try adding:

$> = $<;

Last edited by:

Paul: Jun 16, 2002, 2:20 AM

Re: insecure dependency in open while running setgid
I got that same error message while installing Matt's wwwboard on Angelfire.

open NEWFILE, ">$basedir/$mesgdir/$num\.$ext" or die $!;

Usually the data.txt file just contains one number.

It won't allow you to use $num in the filename because it's getting it from outside the script.
When it prints data.txt, modify wwwboard.pl so that it actually prints to data.txt -
$num = 1 ;
1;

then in the wwwboard script, put in at the beginning - require "data.txt";

It's like using an #include file... Perl thinks it's getting the number from the script itself, instead of an outside source.

You'll have to comment out some of the other stuff in the script, such as the section where $num is assigned, etc.



LOL, hope that helps someone... I found this thread because it took me 4 hours to figure out the solution, maybe someone will find this who's trying to do the exact same thing. :)

-Andy Alkaline
-http://www.angelfire.com/realm/andy1973/

Re: [andy1973] insecure dependency in open while running setgid
The solution is to not use Matt's scripts. They are buggy and insecure. I mean take this:

Code:
open NEWFILE, ">$basedir/$mesgdir/$num\.$ext" or die $!;

I think he's confusing regexes with strings. There's absolutely no need to escape . with \

The fact you are getting that error should tell you it is insecure. It is failing taint checking.

Last edited by:

Paul: Mar 30, 2003, 1:19 AM

Re: [andy1973] insecure dependency in open while running setgid
Hello, I am having this exact same problem with my message board, and I'm probably not the only one. Can someone post exactly how to fix the wwwboard problem so future readers will be able to figure it out?



Thanks!
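
Added example, not written by any poster in this thread: taint checking is normally satisfied by validating the outside value against an allow-list pattern and using the regex capture, which covers both the "name" CGI parameter from the first post and the $num counter in the wwwboard posts. The untaint() helper, the patterns, the scratch directory and the sample inputs are assumptions made for this illustration.

```perl
#!/usr/bin/perl -T
# Added example, not from the thread. Run as: perl -T untaint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);
use File::Spec;

die "taint mode is off; run with perl -T\n" unless ${^TAINT};

# Return an untainted copy of $value if all of it matches the allow-list
# pattern, otherwise undef. A regex capture is what clears the taint flag;
# \A and \z anchor the whole string, so a trailing newline is rejected too.
sub untaint {
    my ($value, $pattern) = @_;
    return undef unless defined $value;
    return $value =~ /\A($pattern)\z/ ? $1 : undef;
}

# Constructed sample inputs. Appending a zero-length slice of %ENV data
# (tainted under -T) makes them tainted, like real CGI parameters.
my $taint = substr(join('', values %ENV), 0, 0);
my @names = map { $_ . $taint } 'guestbook', '../../index', "page\n", 'a|b';
my $num   = '17' . $taint;    # like the counter wwwboard reads from data.txt

# Scratch directory built only from untainted parts ($$ is the process id).
my $dir = File::Spec->catdir(File::Spec->tmpdir, "untaint_demo_$$");
mkdir $dir or die "mkdir $dir: $!";

# 1. The thread's failure: a tainted name in a write-mode open() dies.
my $ok = eval { open my $fh, '>', "$dir/$names[0].html" or die $!; 1 };
print "tainted open: ", ($ok ? "allowed\n" : "refused: $@");

# 2. Validate first, then open with the captured (untainted) copy.
for my $raw (@names) {
    (my $shown = $raw) =~ s/\n/\\n/g;    # printable form for the report
    my $name = untaint($raw, qr/[A-Za-z0-9_-]{1,32}/);
    if (!defined $name) { print "rejected '$shown'\n"; next }
    my $path = "$dir/$name.html";
    open my $fh, '>', $path or die "open $path: $!";
    print {$fh} "<html></html>\n";
    close $fh or die "close $path: $!";
    print "created $name.html (tainted: ", (tainted($name) ? 1 : 0), ")\n";
    unlink $path or die "unlink $path: $!";
}

# 3. The wwwboard message number: digits only, nothing else.
my $id = untaint($num, qr/[0-9]{1,9}/);
print "message number ", (defined $id ? "accepted: $id" : "rejected"), "\n";
rmdir $dir or die "rmdir $dir: $!";
```

Under -T the refusal reads "while running with -T switch"; on a host that runs CGI scripts setgid, as in the error quoted above, the same check reports "while running setgid".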