JTalbert Posted September 22, 2004 Posted September 22, 2004 What do I put in the af.cgi for $base_path I want to put my different templates in folders and no matter what I have tried, I have not been able to get this to work. If I leave this blank, the script runs from cgi-bin/ with the files there, but not if I put the files in cgi-bin/templates/ Thanks for your help Quote
LisaJill Posted September 22, 2004 Posted September 22, 2004 I haven't seen this script before; do you have a link to it? Someone else may have some experience that could help you in the meantime. =) Quote
TCH-Bruce Posted September 22, 2004 Posted September 22, 2004 Not sure which version you are trying to install but you may want to read this. http://seclists.org/lists/bugtraq/2002/Jun/0073.html Subject to file permissions, an attacker can read any file on the server, append arbitrary data to any existing file or write arbitrary data to new files. This is in version 1.5, don't know about version 2. Quote
JTalbert Posted September 23, 2004 Author Posted September 23, 2004 The actual link from the developer does not exist anymore. but some information and a link to the actual file download is here. http://help.powweb.com/tutorials/cgi/formmail/alienform.php Information in the cgi file regarding base path is this. # Set this to the base path of your templates. The files specified in# the HTML and log template will be appended to this to make the real # file name. Can be an absolute path, or a path relative to the script. # NOT a URL! $base_path = '/www/u/user/htdocs/templates/'; I wanted to store the template folder within my cgi-bin folder. maybe that is the problem I am running into, for some reason maybe I cannot do that? U have tried /cgi-bin/templates /templates/ /~ivnkjs/cgi-bin/templates and none of these work, I get an error file does not exist Thanks again for any help that you can give. Jeff Quote
LisaJill Posted September 23, 2004 Posted September 23, 2004 Is your domain propogated? If it is, you can try /home/cpanelname/public_html/cgi_bin It's very probable that the templates do need to be outside of the cgi_bin or it'll try to execute them, rather than read them. If this does have some possible security holes be very carefu; you are responsible for what happens on your account, including if you installed a problematic script. If you want some suggestions on more secure scripts we can help with that, too. =) Quote
JTalbert Posted September 23, 2004 Author Posted September 23, 2004 Lisa, Thank you very much for your reply. I would love to know of another way to do this that would be more secure. I have been using this script for about 3 years now, on this provider and the last one and didnt run into any problems, but I am always open to new, better ways to do something of this nature. Thanks again! Jeff Quote
LisaJill Posted September 23, 2004 Posted September 23, 2004 Is this just an email form? If it is you could try out what is the favorite of many on this forum - Ultimate Form Mail Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.