-
Bug
-
Resolution: Won't Fix
-
P4
-
None
-
1.1.3
-
None
-
x86
-
windows_95
Name: rm29839 Date: 10/20/97
1. Create Perl CGI that write passed data to file.
2. Create HTML doing native CGI POST and one doing
Applet invoked CGI POST.
3. Write Applet to establish URL, Open Connection,
setDoOutput(); create OutputStream; writeBytes
using constant values.
The APPLET:
/* A W o r k i n g J a v a I / O */
import java.awt.*;
import java.io.DataOutputStream;
import java.io.PrintStream;
import java.io.IOException;
import java.io.FileNotFoundException;
import java.net.*;
public class CCEncoder extends java.applet.Applet
{
String query;
String LocTxtStr = "http://www.delbri.com/cgi-bin/credcard.pl";
String PrtLine;
public void init()
{
setBackground(Color.white);
setForeground(Color.red);
query = "ACTION=" + URLEncoder.encode("Encode");
query += "&";
query += "Order=" + URLEncoder.encode("09161210");
query += "&";
query += "Ccn=" + URLEncoder.encode("cxhlnqorb");
int cl = query.length();
}
public void start()
{
try
{
URL u = new URL("http", "www.delbri.com", 80, "/cgi-bin/credcard.pl");
PrtLine = u.toString();
try
{
URLConnection uc = u.openConnection();
PrtLine += " " + uc.getURL();
uc.setDoOutput(true);
uc.setDoInput (true);
uc.setAllowUserInteraction(false);
DataOutputStream dos = new DataOutputStream(uc.getOutputStream());
dos.writeBytes(query);
dos.close();
}
catch (FileNotFoundException errcode)
{
add(new Label("Exception: " + errcode.getMessage()));
}
catch (IOException errcode)
{
add(new Label("IO Exception: " + errcode.getMessage()));
}
}
catch (MalformedURLException errcode)
{
add(new Label("Exception: " + errcode.getMessage()));
}
add(new Label("Encoded Credit Card Number: "));
repaint();
}
public void stop()
{
}
public void paint (Graphics g)
{
g.drawString(PrtLine,50,50);
}
}
The PERL CGI:
#!/usr/bin/perl
unshift (@INC, "/usr/local/etc/httpd/cgi-cpy");
##################################################################
# Credit Card Script
# Credcard.pl Version 1.0
# Created 9/15/97
##################################################################
require ("ystrlibs.pl");
$ccn = 'CRCDNUM';
$cordfile = 'order_log';
$wordfile = " ";
$wordrnbr = " ";
$wccn = " ";
$wrecout = " ";
#####################################################################
# F O R M A T T E D P R I N T L I N E S #
#####################################################################
format PRTREC =
@<<<<<< @<<<<<<<< @<<<<<<<<<<<<<<<<<<<
$ccn $FORM{'Order'} $FORM{'Ccn'}
.
####################################################################
# S U B R O U T I N E S #
####################################################################
##############################################################
# Create Date Fields #
##############################################################
require ("datetime.pl");
##############################################################
# Error Page Routine #
##############################################################
require ("errpage.pl");
##############################################################
# Dewebify The Input #
##############################################################
require ("dewebify.pl");
##############################################################
# Open Files #
##############################################################
sub openfils
{
$wordfile = $cfilenam . $cordfile;
if (open(ORDERLOG, ">>$wordfile"))
{ }
else
{
&safe_die ("The Order File Could Not Be Opened For Write; Retry. \n");
}
}
##############################################################
# Close Files #
##############################################################
sub closfils
{
close (ORDERLOG);
}
########################################################################
#
########################################################################
sub writrec
{
select (ORDERLOG);
$~ = "PRTREC";
write;
print " \n";
}
#####################################################################
# S T A R T O F P R O G R A M
#####################################################################
##################################################################
# P R O C E S S R E Q U E S T
##################################################################
&openfils;
select (ORDERLOG);
print "CCNSTART Order=777777 CreditNbr=222222\n";
&closfils;
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
&dewebify;
if ($FORM{'ACTION'} eq 'Encode')
{
&openfils;
select (ORDERLOG);
print "CCNSTART Order=888888 CreditNbr=111111\n";
# &writrec;
&closfils;
select (STDOUT);
&safe_die ("Credit Card Number Logged.\n");
}
else
{
&openfils;
select (ORDERLOG);
print "CCNSTART Order=999999 CreditNbr=000000\n";
&closfils;
select (STDOUT);
&safe_die ("Invalid Request Type. \n");
}
The HTML Native POST to CGI:
<HTML>
<HEAD>
<TITLE> Yesterday's Heroes </TITLE>
</HEAD>
<BODY BGCOLOR = "#FFFFFF" TEXT = "#0000FF" LINK = "#00688B" VLINK = "#00688B" >
<FONT COLOR = "#0000FF">
<DIV ALIGN=CENTER>
<H1>
Credit Card Encoder <BR>
</H1>
</DIV>
<PRE><A HREF = "index.htm"> Homepage </A> <A HREF = "catlgtoc.htm"> TOC </A> </PRE>
<FORM METHOD="POST" ACTION="../../cgi-bin/credcard.pl">
<P> This form is used to gain access to functions restricted to authorized
individuals only. If you are not an employee of Yesterday's Heroes, or an
agent of the Company, please do not attempt to go any further. </P>
<P> If you are an unauthorized individual, decide to be mischievous, are
successful in circumventing security, and vandalize this site, rest assured
your efforts have only managed to cause a minor inconvenience. Yesterday's
Heroes would like you to know, life will go on. Too bad you don't have one. </P>
<PRE> Order Number: <INPUT TYPE="TEXT" NAME="Order" SIZE="12" MAXLENGTH="8"> </PRE>
<PRE> Credit Card Number: <INPUT TYPE="TEXT" NAME="Ccn" SIZE="12" MAXLENGTH="8"> </PRE>
<PRE> <INPUT TYPE="SUBMIT" NAME="ACTION" VALUE="Encode"> </PRE>
</FORM>
<BR>
<HR>
<CENTER>
<ADDRESS>
Last Updated: 21-June-97 <BR>
Web Pages by Documentation Online, Inc. <BR>
Email Address: ###@###.### <BR>
</ADDRESS>
</BODY>
</HTML>
The HTML with APPLET:
<html>
<head>
<title> J a v a C r e d i t C a r d E n c o d e r </title>
</head><body bgcolor="#ffffff" text = "#0000ff" link = "#00688b" vlink = "#00688b">
<center>
<h2> Yesterday's Heroes Credit Card Encoder </h2>
<p><applet codebase=http://www.delbri.com/ystrhero code = "CCEncoder.class" width=400 height=200>
</applet> </p>
</center>
</body>
</html>
I have left some code that was used to help try and
find any possible cause for this bug. The Perl script
is setup to write no matter what is passed to it.
It works fine with the HTML calling it direct, but
not with the Applet. They original Applet was far more
complicated with a Grid Layout, Buttons, and Event
processing, but it has been bare-boned for testing.
As far as I can tell, the Applet just never makes the
call, or the call to the Server is invalid.
I checked some other Java User Groups, and found
there are others experiencing the same difficulty.
If this is not a bug, there definitely needs to be
some clarification given on how Applets/Java write
data back to a server.
PS: The Appletviewer in Debug mode does not indicate
there is any problem.
company - , email - ###@###.###
======================================================================