Perl-related stuff and beyond (but not much)

Saturday, May 09, 2009

Some say Perl is ugly

Some say Perl is ugly because is uses a lot of non-alphabetical characters in its syntax. Well, I think that approach is stupid. In effect it's the same as saying that russian is ugly because it's written in cyrillic. What kind of argument is that? What about all those people who speak russian? Are they not-really-smart because they write it in cyrillic? I don't understand it. I never will. It would be okay if Perl was ugly because you have to write the for loop in some uber-complex-assembler style. Ok, that's ugly and non-trivial. On the other hand, people that object to the sigils use funny nomenclature in their programs; combination of hungarian notation and camelCase. I cannot read it. It's ugly. (Sarcasm mode turned on.)

Thursday, May 07, 2009

Extract base path

Simple solution to a Delphi task: extract base path from two paths:



#!/usr/bin/perl

# extract_base_path.pl - extract base path from two paths
# http://delphi.about.com/b/2009/05/06/delphi-programming-challenge-extractbasepath.htm
# dprelec, 2009-05-07

use strict;
use warnings;

my $path1 = '/usr/bin/perl/lib/';
my $path2 = '/usr/bin/perl/';

my @parts = split('/', $path1);
my $last = '';
my $re = join('|', reverse map { $last .= $_ . '/'; $last } @parts);

if ($path2 =~ /($re)/) {
print $1, "\n";
}

Thursday, April 30, 2009

HTML::Mason is easy

For years we've been using HTML::Template and HTML::Template::Expr modules on our site, and it all worked pretty well. In the last few months I've been implementing some complex form validators with items that appear on the site based on non-trivial URI rules.

I need some template engine that I could program the complex presentation part with, so I choose HTML::Mason. Being that our site is served by a Perl daemon process, I can't use $r or plethora of Apache2 modules inside my templates but without that HTML::Mason is powerful enough and it works pretty well. Combining the new template engine with some Moose-based objects saved me couple of months of development time. Hooray for HTML::Mason!

Wednesday, April 22, 2009

Check your log files for intrusions

CGI::IDS is a nice module on CPAN that enables you to check for a possible intrusion attempts in your web application. But, if evil attempts were made before, it's time to scan the log files. CGI::IDS is very flexible, so I crafted a simple program to check my log files at work.
Here it is:


#!/usr/bin/perl

# ids_log_check.pl - process Apache access log files and check for possible
# attacks via CGI::IDS
# usage: ids_log_check.pl path_to_the_log_file

# dprelec, 2009-01-14

use strict;
use warnings;

use CGI;
use CGI::IDS;

# minimal impact to report for
my $MIN_IMP = 20;

# skip these requests
my $RE_IGNORE = qr/GET(?:.*)\.(?:gif|css|png|jpeg|jpg|pdf|html|js|xml)\s/;

my $ids = CGI::IDS->new();
$ids->set_scan_keys(scan_keys => 1);

my $log = shift or die "Specify input log file.\n";
open $fh, "<", $log or die "Cannot open $log: $!";

while (<$fh>) {
next if /$RE_IGNORE/;

if (/GET\s+(?:[^ ]+)\?([^ ]+)/) {
my %params = CGI->new($1)->Vars;
my $imp = $ids->detect_attacks(request => \%params);

if ($imp > $MIN_IMP) {
print $_ . "\nParams: $1\nImpact: $imp\n\n";
}
}
}

close $fh;


Update: Thanks to all for the answers. It's syntax highlighter that modifies the source code. I'll probably change it. I also ran my code through Perl::Critic, and changed the source code above according to it's suggestions and your comments.

Fairies Wear Boots

Inspired by the Iron Man post, I decided to post Perl-related article here, once a week, on my new blog. I've never done this blogging stuff before, so it's a new uncharted land for me. Being that I'm not that really good in public type of self-expressions, it (this blogging mess) will need some extra energy from me.
So, don't expect some uberclever programming themes. For the start, I'll write about simple/dumb stuff I do all the time at my work.

So much for the intro, and now for something slightly different.