Is there a simple way to password protect a cgi/perl file? I have this transloader inside my root directory and it works fine. It displays all my subdirectories and lets me transload to any specific directory. But the way it is written it has to be in my root directory to work, if I move it to a sub-directory that is htaccess protected, it sees that directory as the root directory. So it has to stay in my root which I can't access protect. I have it protected from the crawlers with my robots file, but anybody can read that I have it protected and transload there heart out, LOL. Or maybe somebody could suggest another way to keep it from public access. Here is the script for the transloader.

http://alpha1omega.uni.cc/temp/transloader.txt

Thanks

looks like you can just change this:

$Root = $ENV{'DOCUMENT_ROOT'} . '/';

to whatever you want to:

$Root = $ENV{'DOCUMENT_ROOT'} . '/subfolder';

then you can htaccess protect "subfolder".

Thanks Kevin. I tried that and it's still seeing my sub-directory as the root directory and it's not listing my other directories anymore, which I can deal with that, I can just write them in. When I tried transloading a file to my sub-directory named test, it created a new folder in my transloader directory with the new file inside it. I then tried transloading this way

public_html/test

and it just put the file inside the same directory my transloader is in. Any suggestions?

Personally, I'd use a combination of CGI::Session and HTML::Template

http://search.cpan.org/~markstos/CGI-Session-4.20/lib/CGI/Session.pm
http://search.cpan.org/~samtregar/HTML-Template-2.9/Template.pm

Your script is missing several very important items.
1) EVERY Perl script you write should load the warnings and strict pragmas.

2) CGI scripts should use the CGI module instead of hand rolling your form processing and in most cases, you should also use the CGI::Carp module..

3) You should enable taint mode and untaint all user input.

4) Don't fork a shell process when Perl has built-in methods for accomplishing the same thing (i.e., there's no need to use the backticks to run the ls command).

When you run the sub 'list_dirs', since $ENV{'DOCUMENT_ROOT'} is the root path, it list all the sub directories from the root.
It can do this even if it is in a sub-directory off the root.

To add a file to the root directory when you run the script from a sub-directory,
you will have to add the root path to the options menu.

Try these changes :$Root = $ENV{'DOCUMENT_ROOT'}; . '/' remove this you do not need it

if you get empty options, in sub 'list_dirs' change:
push(@Dirs, $_);
to:
if ($_) { push(@Dirs, $_); }

add root option to menu:
print "<option value=\"$Root\">/root</option>\n";
foreach (sort @Dirs) {
print "<option value=\"$_\">$_</option>\n";
}

Then you should be able to run the script from a protected sub

Thanks FishMonger. I wish I knew enough about cgi/perl to accomplish what you suggested and even if I used the resources you supplied, I'm just not knowledgable enough with cgi/perl to do what your talking about. I didn't write the script myself, it came from a friend who got it from who knows who, LOL. I know enough to be able to put the warning part you suggested, but other than that I'm at a loss. :)

Jinxy

Thanks rwedge. Give me a few minutes to do what you suggested and I'll let you know.

OK rwedge. This is what I got now:

<option>Directory</option>
EOM

print "<option value=\"$Root\">/root</option>\n";
foreach (sort @Dirs) {
print "<option value=\"$_\">$_</option>\n"; }
print <<EOM;
</select>

at the top of my drop down menu it reads /root and it will display my root path when I choose this option like this:

/home/jinxy/public_html

and if I write in a directory, it will transload to that directory. Below that option on my drop down list it displays ALL my directories, but when I choose a directory I loose the root path. And when I transload it goes to the directory the transloader is located in.

Add the root to the directoryprint "<option value=\"$Root$_\">$_</option>\n"; }

That's got it! Thanks a million rwedge!

And thank you too FishMonger for the resources. I'm sure I can use those in the future.

Jinxy