all
SoML
excited
dreams
runes
YRUU
ultimate
KTRU
skate
sleepy
nihongo
|
journal
all
SoML
excited
dreams
runes
YRUU
ultimate
KTRU
skate
sleepy
nihongo
| Rob is 20,355 days old today. |
Oct 1999 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Dec 1999 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
1998
jan feb mar apr
may jun jul aug
sep oct nov dec
2000
jan feb mar apr
may jun jul aug
sep oct nov dec
|< << more >> >| |
Entries this day: awesome later awesome 7:20am I wanted to name this file awesome!!!!!!!.txt but I don't think the exclamation points would have been very well received by the shell. I don't actually know. Awesome!!!! I have written my index.pl file, which sits in my /journal directory. It accepts arguments on the URL: dir= and file= to indicate which directory and file to display!!! As Dude might say, it's "totally supa cold dope rawkin!!" So now I simply use a Cascading Style Sheet in my index.pl file (I may eventually move the style sheet to its own file as it gets more complex) and it gives a more consistent look to my journal entries! I'm pretty flippin' pumped about the whole thing! I still want to add a bit of security to the whole thing; make sure people don't try to enter huge crazy long directory paths and/or file names to try to break the server. I think Perl will simply fail and there won't be a security breach, but I'll add it anyway. I've already added code that ensures no '.' '/' or '~' characters are used at the beginning of the diretory name, so one can't dig into my directory structure with this file. Oh wait!!! One could do this: index.pl?dir=1999/../../ I'll try that now and see what happens. Doh! Oh my goodness! I was able to type in index.pl?dir=1999/../../../../../../../etc/ and get a listing of the /etc dir on this server!!!! As proof, here's a list of some of the files in it: cron.daily cron.half-hourly cron.hourly cron.monthly cron.quarter-daily cron.quarter-hourly cron.weekly Is this a security breach? I don't know; I didn't have read access on anything interesting, so I think they're okay, but still it's a tad scary! I will disallow any ../ within the dir or file parameters. permalinklater 8:16pm Okay, I've been working on this for a while and have index.pl pretty much working as I'd like it to. Actually, I still have to let it display images properly, but that shouldn't be too difficult. I also would like it to know the date of the files in the directory. The first two filenames in this dir have a 09 as their first two characters. To me it means they were written on the 9th. I haven't told index.pl to figure that out yet. I'll get it. ANNdd also I'd like to have index.pl send me email if it has any errors. That will be cool. permalinkprev day next day |