Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New Coder
    Join Date
    Nov 2009
    Posts
    23
    Thanks
    4
    Thanked 0 Times in 0 Posts

    perl mysql injection

    Hello All,

    Experienced PHP, new to Perl.... Getting a 500 error..

    Code:
    #!/usr/bin/perl -w
    
    $|++; 
    
    use strict; 
    use CGI::Carp qw(fatalsToBrowser); 
    use CGI; 
    use Mysql;
    
    #mysql vars
    my $user="dbo294796910";
    my $password="jdJPCkss";
    my $database="db294796910";
    my $server = "db414.perfora.net";
    
    # connect to DB
    my $connect = Mysql->connect($server, $database, $user, $password);
    $connect->selectdb($database);
    
    # insert file vars into DB
    my $updatefiles = "INSERT INTO `files` 
    ( `id` , `show` , `game` , `menuid`, `category` , `item` , `filename` , `imagename` , `title` , `artist` , `submitter` , `colour` , `downloads` , `comments` ) 
    VALUES 
    ('', '0', 'game', 'menuid',  'category', 'item', 'newfilename', 'newimagename', 'title', 'artist', 'submitter', 'colour', '0', 'message')";
    
    
    # execute query
    my $execute = $connect->query($updatefiles);
    any help or refferenes would be appreciated.

    When starting out with PHP i used php.net, lots of explanaitons and examples of functions on that site. Is there anything like that for Perl?

  • #2
    Super Moderator
    Join Date
    May 2005
    Location
    Southern tip of Silicon Valley
    Posts
    2,871
    Thanks
    2
    Thanked 164 Times in 159 Posts
    Since you're using:
    Code:
    use CGI::Carp qw(fatalsToBrowser);
    You should have recieced a more descriptive error. What was the exact wording of the error message?

    Mysql is a depreciated module. Instead, you should be using the DBI module.

    The 2 primary Perl resources are the Perl documentation files that should be installed on your system and are accessible via the perldoc command and CPAN:

    Example:
    Code:
    [root@fc4dev ~]# perldoc perl
    PERL(1)               User Contributed Perl Documentation              PERL(1)
    
    NAME
           perl - Practical Extraction and Report Language
    
    SYNOPSIS
           perl [ -sTuU ] [ -hv ] [ -V[:configvar] ]
               [ -cw ] [ -d[:debugger] ] [ -D[number/list]]
               [ -pna ] [ -Fpattern ] [ -l[octal] ] [ -0[octal] ]
               [ -Idir ] [ -m[-]module ] [ -M[-]‚module...‚ ]
               [ -P ] [ -S ] [ -x[dir] ]
               [ -i[extension] ] [ -e ‚command‚ ] [ -- ] [ programfile ] [ argu-
           ment ]...
    
           If you‚re new to Perl, you should start with perlintro, which is a general
           intro for beginners and provides some background to help you navigate the
           rest of Perl‚s extensive documentation.
    
           For ease of access, the Perl manual has been split up into several sec-
           tions.
    
           Overview
    
               perl                Perl overview (this section)
               perlintro           Perl introduction for beginners
               perltoc             Perl documentation table of contents
    
           Tutorials
    
               perlreftut          Perl references short introduction
               perldsc             Perl data structures intro
               perllol             Perl data structures: arrays of arrays
    ...
    ...
    ...
    or via the web:
    http://perldoc.perl.org/http://perldoc.perl.org/

    CPAN:
    http://search.cpan.org/

  • #3
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by absoleet View Post
    Hello All,

    Experienced PHP, new to Perl.... Getting a 500 error..
    any help or refferenes would be appreciated.

    When starting out with PHP i used php.net, lots of explanaitons and examples of functions on that site. Is there anything like that for Perl?
    don't post sensitive information on public forums! You can remove it from your post by editing the post and change them on your server.

    best regards


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •