Hi Tom,
On Wed, May 03, 2006 at 01:43:45PM -0400, Kauffman, Tom wrote:
This seems to have fallen by the wayside; we do a number of combo-tests and write up a document that covers both the nature and meaning of the tests AND the recovery process. Here's my current hobbitcolumn.sh . . .
#!/bin/sh
QS="${QUERY_STRING}" . /usr/local/hobbit/server/etc/hobbitcgi.cfg
if [ -f /usr/local/hobbit/server/www/help/$QS.html ]; then echo "Content-type: text/html" echo "" cat /usr/local/hobbit/server/www/help/$QS.html else QUERY_STRING="db=columndoc.csv&key=${QS}" export QUERY_STRING
exec /usr/local/hobbit/server/bin/bb-csvinfo.cgi $CGI_HOBBITCOLUMN_OPTS fi
be careful ... at least, you should quote that "$QS" in your script, or there's a fairly easy to exploit way of having code executed on your webserver.
I've changed the column-link code, so it checks for the help/ files first, and then uses the hobbitcolumn.sh CGI as a fall-back solution. The code was already there; it was merely a question of which of the two possible links had precedence over the other.
Regards, Henrik