VICNET Help is open from
9am - 5pm weekdays
(except public holidays)
Call Us: 8664 7001
Toll Free: 1800 629 835
Fax: 9639 2175

Library & Broadband Customers with 24hr Support please call the direct paging service immediately to report any outages.

Shortcuts

• Dialup Numbers Information
• Site Directory
• Internet Security

Help With

• Macintosh
• Windows
• Online Topics

Online Help

• Email Basics
• Email & Travel
• IRC/Chat information
• Mailing Lists
• Spam Policy

Web Design: Perl: The Basics

Only Vicnet Virtual Web Server customers can write and use their own Perl. Tilde account users may only use those which Vicnet provides.

Vicnet runs Perl >5.6. All customer Perl scripts that are called directly as CGI scripts must be placed in the customer's cgi-bin directory. This directory is above the public_html directory, not inside public_html, for security purposes.

Permissions

CGI scripts should generally be given permissions 755, that is:

User: Read, Write, Execute
Group: Read, Execute
Other/World: Read, Execute

Directory Listing: -rwxr-xr-x

Files that are to be modified by the script, that also need to be viewable by people on the web should be 644, that is:

User: Read, Write
Group: Read
Other/World: Read

Directory Listing: -rw-r--r--

Files that only the script should be able to read/write should be 600, that is:

User: Read, Write
Group: None
Other/World: None

Directory Listing: -rw-------

Prerequisites

All Perl scripts on Vicnet need to begin with at least the line:

#!/usr/bin/perl

If you are having problems, or wish to check security in a script, you can try using:

#!/usr/bin/perl -wT

This turns on most useful warnings and "taint checking" which examines how data that comes from outside a script is handled. This and other security tips are discussed in the documentation mentionned in the intro above.

If you are writing a Perl script that sends email, you must include the following headers in your code:

X-Script-URL
X-Referring-URL

Errors

On Vicnet customers do not have access to the server error log and therefore will generally just see an "Error 500" if a Perl script doesn't work properly. The following code snippet placed in a Perl program at the top (beneath the #! line) will cause detailed errors to be sent to the web browser viewing the page.

BEGIN {
         print "Content-type: text/html\n\n";
         use CGI::Carp qw(carpout);
         $|="1";
         carpout("STDOUT");
} 

This is useful for debugging, but should be taken out once the problems are solved as if the script should contain any sensitive information, and the line which contains sensitive information causes an error, it will be printed to the remote browser. If calling several scripts from within another script, only the parent script needs the above line.

Security

Due to the highly powerful nature of Perl, security is of particular concern. For this reason all customer scripts/macros/programs etc. on Vicnet are subject to approval by our technical department. Customers do not have to submit a script for checking but should be aware that should a script be found that contains security or performance compromising code, it will be disabled and/or removed without prior notice.

Vicnet has a team of developers who can provide custom Perl development however this incurs a fee. For professional site development queries, please contact sales@vicnet.net.au

For basic Perl support, contact Vicnet Webhelp.