3

I wrote some perl cgis 20 years ago. They worked perfectly ... until my hosting company has updated my machine last week. A Perl cgi blocks. It seems it is because the following sequence :

require "quiest.htm";
require "quiest.pay";
require "quiest.ent";

is not understood as meaning "use these three scripts in the same directory" anymore.

Which would be the correct entry?

I tried quite everything else in terms of reloads, site reorganizing, etc. (the script is called by an HTML page requesting a user entry) everything resulted in a "site.tld\nameof.cgi?string=xxxxx 404)

toolic
  • 57,801
  • 17
  • 75
  • 117
Jean-François MORFIN
  • 31
  • 1
  • 1
    It never meant "use these three scripts in the **same** directory". It did mean "use these three scripts in the **current** directory [or...]" – ikegami Dec 24 '22 at 03:53

1 Answers1

4

They removed the current directory (.) from @INC in Perl 5.26.

The link above includes some solutions:

  • You can set the PERL_USE_UNSAFE_INC environment variable to 1.
  • Manually add your secure path to @INC:
BEGIN {
    my $dir = "/some/trusted/directory";
    chdir $dir or die "Can't chdir to $dir: $!\n";
    # safe now
    push @INC, '.';
}

Also, as @ikegami reminded me in the comments, FindBin exists:

use FindBin;
use lib $FindBin::Bin;
Jim Davis
  • 5,241
  • 1
  • 26
  • 22
  • These are all wrong. They don't want the current directory added to `@INC`; they want the script's dir. – ikegami Dec 24 '22 at 04:23
  • 1
    @ikegami - I thought that was kind of a strange way of going about it, myself, but suspected there might be _some reason_ for it. `push @INC, '/some/trusted/directory';` seems a lot more obvious. – Jim Davis Dec 24 '22 at 06:44
  • Or using FindBin to find the script's dir – ikegami Dec 24 '22 at 07:11