Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Javascript -> Shell Script
Top Forums Web Development Javascript -> Shell Script Post 302228432 by era on Sunday 24th of August 2008 01:08:55 PM
Old 08-24-2008
Shell script is kind of brittle when it comes to proper quoting of user-specified arguments etc so you need to be really careful here. Perhaps wrapping the call in PHP is not such a bad idea (although PHP too has a bit of a track record when it comes to security problems .... /me ducks) and make really really sure you use proper quoting everywhere in the script and in everything which invokes it. And keep in mind that security checks in JavaScript are ineffective; somebody could simply be connecting directly to the CGI script, without going through your form (or with JavaScript disabled).

As such, it's not very hard to split on & with IFS='&'. IFS=& query_string - Google Search brings up some matches but I would regard all of them with extreme suspicion. If you see a variable interpolation without double quotes around it, run away.
Last edited by era; 08-24-2008 at 02:13 PM.. Reason: Note that JavaScript input checking is ineffective
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Javascript: Edit a script ?

Hi, i got this script but when i hit reset i loose the times in the form box. Can someone please edit this script so when i hit reset i dont loose the times in the form box's and also have a button to reset everything, including the form boxs <script language="javascript"> // stopwatch... (1 Reply)
Discussion started by: perleo
1 Replies

2. Shell Programming and Scripting

Calling Shell script in javascript

All I want to call a KORN shell script inside a javascript. Is it possible ? Please help me to do this. I want to return or read from shell script in javascript. Thanx in advance Regards Deepak Xavier (1 Reply)
Discussion started by: DeepakXavier
1 Replies

3. Shell Programming and Scripting

How to use ssh execute other shell script on other host (shell script include nohup)?

i want use ssh on the host01 to execute autoexec.sh on the host02 like following : host01> ssh host02 autoexec.sh autoexec.sh include nohup command like follwing : nohup /home/jack/deletedata.sh & after i execute ssh host02 autoexec.sh one the host01. i can't found deletedata.sh... (1 Reply)
Discussion started by: orablue
1 Replies

4. Web Development

Why using this kind of format in Web Development <script type="text/javascript"><!-- ...//--></scrip

I am just wondering why do programmers are using this when programming the web? When you making a joomla templates and the more focus in your mind is to target the search engines then java is very important.Not to use that. (2 Replies)
Discussion started by: Anna Hussie
2 Replies

5. Shell Programming and Scripting

want to use javascript as shell script

<html> <head> <title>Weather & Aviation Page - METAR decoder</title> <meta name="Title" content="Weather & Aviation Page - METAR decoder"> <meta name="Keywords" content="METAR decoder"> <meta name="Publisher" content="SkyStef"> <meta name="Description" content="SkyStefs weather and aviation... (4 Replies)
Discussion started by: anuajay1988
4 Replies

6. Shell Programming and Scripting

How to use javascript code in unix shell?

Hi Need help...I have wrritten one code for html through shell scripting in that i am using java scripts to validate some condition and open the html page without clicking the button.... Code Details echo "<script type="text/javascript">" echo "function exec_refresh()" echo "{" ... (4 Replies)
Discussion started by: l_gshankar24
4 Replies

7. Shell Programming and Scripting

Unable to pass shell script variable to awk command in same shell script

I have a shell script (.sh) and I want to pass a parameter value to the awk command but I am getting exception, please assist. diff=$1$2.diff id=$2 new=new_$diff echo "My id is $1" echo "I want to sync for user account $id" ##awk command I am using is as below cat $diff | awk... (2 Replies)
Discussion started by: Ashunayak
2 Replies

8. Web Development

Javascript to check field is empty then execute rest of script

I have found this bit of code that nearly does what I want. Basically 3 input fields, I want to copy t2 to t3 as it's typed but only if t1 contains data AND t3 is empty: <input type="text" id="t1" /> <input type="text" id="t2" /> <input type="text" id="t3" /> <script> var t2 =... (4 Replies)
Discussion started by: barrydocks
4 Replies

9. Shell Programming and Scripting

How to write config shell script to pass variables in master shell script?

Dear Unix gurus, We have a config shell script file which has 30 variables which needs to be passed to master unix shell script that invokes oracle database sessions. So those 30 variables need to go through the database sessions (They are inputs) via a shell script. one of the variable name... (1 Reply)
Discussion started by: dba1981
1 Replies

10. Shell Programming and Scripting

How to use JavaScript in UNIX Shell scripting?

I want to navigate through a webpage and save that page in my system local automatically. How can I do that by using JavaScript in a Unix shell script. Any suggestions are welcome! (3 Replies)
Discussion started by: abhi3093
3 Replies

LEARN ABOUT SUSE

htsearch

htsearch(1)						      General Commands Manual						       htsearch(1)

NAME

       htsearch - create document index and word database for the ht://Dig search engine

SYNOPSIS

       htsearch [options] [query_string]

DESCRIPTION

       Htsearch  is  used to search in de databases created by htdig for content.  is the actual search engine of the htdig search system. It is a
       CGI program that is expected to be invoked by an HTML form. It will accept both the GET and POST methods of passing data to  the  CGI  pro-
       gram.

OPTIONS

       query_string
	      A  CGI-style query string can be given as a single argument, and is only used if the REQUEST_METHOD environment variable is not set.
	      If no query_string is given, and REQUEST_METHOD is not set, htsearch will prompt for the query.

       -c configfile
	      Use the specified configfile instead of the default (for security reasons this option is only available when htsearch is used on the
	      commandline).

       -v -d  Run  in  verbose	mode.	This increases the verbosity of the program.  Using more than 2 is probably only useful for debugging pur-
	      poses.  The default verbose mode gives a progress on what it is doing and where it is.

FILES

       /etc/htdig/htdig.conf
	      The default configuration file.

       /srv/www/htdig/common/header.html
	      The default search results header file

       /srv/www/htdig/common/footer.html
	      The default search results footer file

       /srv/www/htdig/common/wrapper.html
	      The default search results wrapper file, that contains the header and footer together in one file

       /srv/www/htdig/common/nomatch.html
	      The default 'no matches found' HTML file

       /srv/www/htdig/common/syntax.html
	      The default file that explains boolean expression syntax errors

SEE ALSO

       Please refer to the HTML pages (in the htdig-doc package)  /usr/share/doc/htdig-doc/html/index.html  and  the  manual  pages  htdig(1)  and
       htmerge(1) for a detailed description of ht://Dig and its commands.

AUTHOR

       This manual page was written by Stijn de Bekker, based on the HTML documentation of ht://Dig.

								  6 October 2001						       htsearch(1)
All times are GMT -4. The time now is 12:25 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy