On Oct 4, 2011, at 5:48 AM, MarkSmith wrote:
Sorry for my late return to the thread guys and thank you for all your replies.
Walt - this script looks great and unless I am reading it wrong, do I just put this script in the main site folder (the same one as the html files) or does it need to go in the cgi-bin folder?
It’s exceedingly rare these days that a PHP script would need to be run as a CGI. If this one did, I would need to rewrite it to include the “shebang” line to help it find the PHP command-line interpreter. So this script, as written, belongs in the same folder as your index.html page, and one folder above that, you must put a folder named csv. If your html documents all lived in a folder named ‘htdocs’, your server would look something like this if you looked at it with an FTP application:
marksmith/
cgi_bin/
csv/
htdocs/
Resources/
form_to_csv.php
index.html
logs/
...
The csv folder would have to be writable by your Web server, and only your hosting provider can tell you for certain what that means. For short-term testing ONLY, you can switch it to 777 permissions with your FTP application, and that means anyone can write in it. Because this folder is outside of the Web root folder (htdocs) you’re not worried about anyone outside of your server doing this – but you are worried about someone malicious on the same server as you who has a Perl script running at all times, looking for unsecured folders like this. Quite a few of the shared servers I use run what’s called a ‘setuid’ environment for the Web server, which means that the server runs as “you” – the user you log in to the server as – and that makes this completely easy and very secure. If that’s the case on your server, you would not need to change permissions at all, and the server would be able to write into that folder because you created it.
This script presumably replaces the FormMail.pl that I am currently using?
You would make one change in Freeway – to make your form’s Action attribute read ‘form_to_csv.php’ instead of /cgi-bin/FormMail.pl or whatever your local syntax requires.
Just not sure of the exact locations of the various folders/scripts.
Hopefully this has illuminated that for you. If you do get friendly with your hosting provider’s admin staff, you could ask them to create a user (for your client to use) that was able to write to that csv folder, but who was “chroot jailed” into it (any sysadmin knows what that word means). This will vastly simplify things for your client – and you – as using that login and password, your client would see only that one folder with the csv file in it, and could not go anywhere else on the server (like the htdocs folder with all your hard work in it) and could basically stay out of trouble. If your client download the log file, and either deletes it or renames it in place on the server, the next form submission would create a new file starting from scratch with that next submission’s contents.
Walter
Tim - I will also look into tweaking the formmail on a test server I use as this will be a great option for the future as I use FormMail a lot.
Many thanks for your help as ever
Mark
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options