How to: From a Text Box on a HTML page. Using the user input as a variable to a Bash Script
ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How to: From a Text Box on a HTML page. Using the user input as a variable to a Bash Script
I have Googled this extensively and I have come across answers that hints to what I wish to do but not quite on the mark.
I wonder if someone would be kind enough to help.
I wish to create a Menu of Linux commands that I regularly use. { Being lazy } utilizing Html.
I have a bash script that is a menu - work in progress. I wish to make it a little more attractive to the eye and interactive and thought HTML would be a nicer alternative. This is my attempt at a Bash MENU script. I tried CGI script - haven't a clue how to make it interactive or more attractive.
All I want is something that takes a user input from Html text box for example " name of a program" that I wish to install by apt-get. Then output that " program name " to a shell script that accepts that input and of course installs the application.
I am still learning ...
Its been awhile since I've played with bash CGI. I remember reading at one time that you need a blank line after the content type but do not know if is still true.
Quote:
echo "Content-type: text/html"
echo ""
A quick scan of your CGI script shows that you left out action="some script" in your form statement which should be the CGI script itself. In addition a better check would be to test for $QUERY_METHOD=GET before processing input. The following guide should help with debugging your script.
I guess its a proof of concept - a challenge that I have set myself. With regards to the issues of injection and the nasty rm -rf \*.
There must be security solutions as there are a number of web based Linux terminal training sites on the wide web. I found one solution.
Solutions that counter these and other vulnerabilities include:
Write CGI scripts such that they test for allowable characters before your Web server uses any environment variable(s).
For example, if users are to enter a phone number in a Web page, the following string in the CGI script that receives this input will weed out illegal characters:
$number=~/^[\d-]+{1,12}$/ || die "Non-allowed characters in input [0] ";
The start of this string basically means that phone numbers that are entered must conform to the specified rules. \d means to accept numerals; the "-" designates that hyphens in the phone number will also be accepted. The ^[\d-]+ means to allow any set of permitted characters (in this case, numerals), starting at the beginning of the line. The {1,12} means that to be accepted, the input must be between 1 and 12 characters in length. This length restriction is extremely important; it prevents buffer overflows 5 caused by excessively long input (e.g., 77777777777777777777777777777777777777777777777777777777`rm -rf *`). The $ means that when the string comparison is finished, you are now at the end of the line. These restrictions help preclude the possibility of an attacker inserting commands or metacharacters at the end of the input.
To make script more interactive, maybe add javascript with ajax request on client side
If it's for proof of concept and simulate commands it's fine as you don't have to deal with the major issue: give administrative privileges to the script to let it perform administrative tasks
To make script more interactive, maybe add javascript with ajax request on client side
If it's for proof of concept and simulate commands it's fine as you don't have to deal with the major issue: give administrative privileges to the script to let it perform administrative tasks
That's the whole crux of the situation. So much knowledge is required in so many disciplines - javascript - bash - ajax - html - that what appears to be a simple task has evolved into a monumental feat.
How can this be simplified?
This is a slapped together Bash script. How would you? achieve this with a HTML - CGI script ?
Code:
#!/bin/bash
echo What program do you want to install?
read varname
apt-get install $varname
It's up to you to build the application interface as you wish
With scripts executed from terminal it's easy, interface is provided by the terminal. You enter characters, press enter then cursor goes to next line after maybe displayed output from previous command... All you need to write is one program / script (ok maybe slight text formating)
With web applications, you have to write the html code that will hold the interface (=document) structure, then write css to stylize (colors, font styles etc) the interface. Once visual is done, you can add interraction
There are frameworks to help you, eg bootstrap (easy and interface will work on mobiles)
That's the whole crux of the situation. So much knowledge is required in so many disciplines - javascript - bash - ajax - html - that what appears to be a simple task has evolved into a monumental feat.
How can this be simplified?
This is a slapped together Bash script. How would you? achieve this with a HTML - CGI script ?
Code:
#!/bin/bash
echo What program do you want to install?
read varname
apt-get install $varname
Personally, I wouldn’t even try to do that with html and cgi...I wouldn’t even write or use the bash script. I’d just do the apt-get install from the command line. (Well, I’m a CentOS guy, so yum install ...)
If you want a web interface to help you manage a server, look into webmin. It contain a the necessary security to prevent public access. No need to re-invent that wheel...
If you want to learn more about html and cgi, perhaps consider php, python, or Perl (my choice) for the server-side tool.
And find tasks that are not so risky.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.