| 1 | =head1 NAME |
| 2 | |
| 3 | perlfaq3 - Programming Tools ($Revision: 1.38 $, $Date: 1999/05/23 16:08:30 $) |
| 4 | |
| 5 | =head1 DESCRIPTION |
| 6 | |
| 7 | This section of the FAQ answers questions related to programmer tools |
| 8 | and programming support. |
| 9 | |
| 10 | =head2 How do I do (anything)? |
| 11 | |
| 12 | Have you looked at CPAN (see L<perlfaq2>)? The chances are that |
| 13 | someone has already written a module that can solve your problem. |
| 14 | Have you read the appropriate man pages? Here's a brief index: |
| 15 | |
| 16 | Basics perldata, perlvar, perlsyn, perlop, perlsub |
| 17 | Execution perlrun, perldebug |
| 18 | Functions perlfunc |
| 19 | Objects perlref, perlmod, perlobj, perltie |
| 20 | Data Structures perlref, perllol, perldsc |
| 21 | Modules perlmod, perlmodlib, perlsub |
| 22 | Regexes perlre, perlfunc, perlop, perllocale |
| 23 | Moving to perl5 perltrap, perl |
| 24 | Linking w/C perlxstut, perlxs, perlcall, perlguts, perlembed |
| 25 | Various http://www.perl.com/CPAN/doc/FMTEYEWTK/index.html |
| 26 | (not a man-page but still useful) |
| 27 | |
| 28 | A crude table of contents for the Perl man page set is found in L<perltoc>. |
| 29 | |
| 30 | =head2 How can I use Perl interactively? |
| 31 | |
| 32 | The typical approach uses the Perl debugger, described in the |
| 33 | perldebug(1) man page, on an ``empty'' program, like this: |
| 34 | |
| 35 | perl -de 42 |
| 36 | |
| 37 | Now just type in any legal Perl code, and it will be immediately |
| 38 | evaluated. You can also examine the symbol table, get stack |
| 39 | backtraces, check variable values, set breakpoints, and other |
| 40 | operations typically found in symbolic debuggers. |
| 41 | |
| 42 | =head2 Is there a Perl shell? |
| 43 | |
| 44 | In general, no. The Shell.pm module (distributed with Perl) makes |
| 45 | Perl try commands which aren't part of the Perl language as shell |
| 46 | commands. perlsh from the source distribution is simplistic and |
| 47 | uninteresting, but may still be what you want. |
| 48 | |
| 49 | =head2 How do I debug my Perl programs? |
| 50 | |
| 51 | Have you tried C<use warnings> or used C<-w>? They enable warnings |
| 52 | to detect dubious practices. |
| 53 | |
| 54 | Have you tried C<use strict>? It prevents you from using symbolic |
| 55 | references, makes you predeclare any subroutines that you call as bare |
| 56 | words, and (probably most importantly) forces you to predeclare your |
| 57 | variables with C<my>, C<our>, or C<use vars>. |
| 58 | |
| 59 | Did you check the return values of each and every system call? The operating |
| 60 | system (and thus Perl) tells you whether they worked, and if not |
| 61 | why. |
| 62 | |
| 63 | open(FH, "> /etc/cantwrite") |
| 64 | or die "Couldn't write to /etc/cantwrite: $!\n"; |
| 65 | |
| 66 | Did you read L<perltrap>? It's full of gotchas for old and new Perl |
| 67 | programmers and even has sections for those of you who are upgrading |
| 68 | from languages like I<awk> and I<C>. |
| 69 | |
| 70 | Have you tried the Perl debugger, described in L<perldebug>? You can |
| 71 | step through your program and see what it's doing and thus work out |
| 72 | why what it's doing isn't what it should be doing. |
| 73 | |
| 74 | =head2 How do I profile my Perl programs? |
| 75 | |
| 76 | You should get the Devel::DProf module from the standard distribution |
| 77 | (or separately on CPAN) and also use Benchmark.pm from the standard |
| 78 | distribution. The Benchmark module lets you time specific portions of |
| 79 | your code, while Devel::DProf gives detailed breakdowns of where your |
| 80 | code spends its time. |
| 81 | |
| 82 | Here's a sample use of Benchmark: |
| 83 | |
| 84 | use Benchmark; |
| 85 | |
| 86 | @junk = `cat /etc/motd`; |
| 87 | $count = 10_000; |
| 88 | |
| 89 | timethese($count, { |
| 90 | 'map' => sub { my @a = @junk; |
| 91 | map { s/a/b/ } @a; |
| 92 | return @a |
| 93 | }, |
| 94 | 'for' => sub { my @a = @junk; |
| 95 | local $_; |
| 96 | for (@a) { s/a/b/ }; |
| 97 | return @a }, |
| 98 | }); |
| 99 | |
| 100 | This is what it prints (on one machine--your results will be dependent |
| 101 | on your hardware, operating system, and the load on your machine): |
| 102 | |
| 103 | Benchmark: timing 10000 iterations of for, map... |
| 104 | for: 4 secs ( 3.97 usr 0.01 sys = 3.98 cpu) |
| 105 | map: 6 secs ( 4.97 usr 0.00 sys = 4.97 cpu) |
| 106 | |
| 107 | Be aware that a good benchmark is very hard to write. It only tests the |
| 108 | data you give it and proves little about the differing complexities |
| 109 | of contrasting algorithms. |
| 110 | |
| 111 | =head2 How do I cross-reference my Perl programs? |
| 112 | |
| 113 | The B::Xref module, shipped with the new, alpha-release Perl compiler |
| 114 | (not the general distribution prior to the 5.005 release), can be used |
| 115 | to generate cross-reference reports for Perl programs. |
| 116 | |
| 117 | perl -MO=Xref[,OPTIONS] scriptname.plx |
| 118 | |
| 119 | =head2 Is there a pretty-printer (formatter) for Perl? |
| 120 | |
| 121 | There is no program that will reformat Perl as much as indent(1) does |
| 122 | for C. The complex feedback between the scanner and the parser (this |
| 123 | feedback is what confuses the vgrind and emacs programs) makes it |
| 124 | challenging at best to write a stand-alone Perl parser. |
| 125 | |
| 126 | Of course, if you simply follow the guidelines in L<perlstyle>, you |
| 127 | shouldn't need to reformat. The habit of formatting your code as you |
| 128 | write it will help prevent bugs. Your editor can and should help you |
| 129 | with this. The perl-mode or newer cperl-mode for emacs can provide |
| 130 | remarkable amounts of help with most (but not all) code, and even less |
| 131 | programmable editors can provide significant assistance. Tom swears |
| 132 | by the following settings in vi and its clones: |
| 133 | |
| 134 | set ai sw=4 |
| 135 | map! ^O {^M}^[O^T |
| 136 | |
| 137 | Now put that in your F<.exrc> file (replacing the caret characters |
| 138 | with control characters) and away you go. In insert mode, ^T is |
| 139 | for indenting, ^D is for undenting, and ^O is for blockdenting-- |
| 140 | as it were. If you haven't used the last one, you're missing |
| 141 | a lot. A more complete example, with comments, can be found at |
| 142 | http://www.perl.com/CPAN-local/authors/id/TOMC/scripts/toms.exrc.gz |
| 143 | |
| 144 | If you are used to using the I<vgrind> program for printing out nice code |
| 145 | to a laser printer, you can take a stab at this using |
| 146 | http://www.perl.com/CPAN/doc/misc/tips/working.vgrind.entry, but the |
| 147 | results are not particularly satisfying for sophisticated code. |
| 148 | |
| 149 | The a2ps at http://www.infres.enst.fr/%7Edemaille/a2ps/ does lots of things |
| 150 | related to generating nicely printed output of documents. |
| 151 | |
| 152 | =head2 Is there a ctags for Perl? |
| 153 | |
| 154 | There's a simple one at |
| 155 | http://www.perl.com/CPAN/authors/id/TOMC/scripts/ptags.gz which may do |
| 156 | the trick. And if not, it's easy to hack into what you want. |
| 157 | |
| 158 | =head2 Is there an IDE or Windows Perl Editor? |
| 159 | |
| 160 | Perl programs are just plain text, so any editor will do. |
| 161 | |
| 162 | If you're on Unix, you already have an IDE--Unix itself. The UNIX |
| 163 | philosophy is the philosophy of several small tools that each do one |
| 164 | thing and do it well. It's like a carpenter's toolbox. |
| 165 | |
| 166 | If you want a Windows IDE, check the following: PerlBuilder |
| 167 | (http://www.solutionsoft.com/perl.htm) is an integrated development |
| 168 | environment for Windows that supports Perl development. Komodo, |
| 169 | ActiveState's cross-platform, multi-language IDE has Perl support, |
| 170 | including a regular expression debugger and remote debugging |
| 171 | (http://www.ActiveState.com/Products/Komodo/index.html). |
| 172 | (Visual Perl, a Visual Studio.NET plug-in is currently (late 2000) |
| 173 | in beta (http://www.ActiveState.com/Products/VisualPerl/index.html)). |
| 174 | The visiPerl+ IDE is available from Help Consulting |
| 175 | (http://helpconsulting.net/visiperl/). Perl code magic is another IDE |
| 176 | (http://www.petes-place.com/codemagic.html). CodeMagicCD |
| 177 | (http://www.codemagiccd.com/) is another IDE. The Object System |
| 178 | (http://www.castlelink.co.uk/object_system/) is a Perl web |
| 179 | applications development IDE. |
| 180 | |
| 181 | For editors: if you're on Unix you probably have vi or a vi clone already, |
| 182 | and possibly an emacs too, so you may not need to download anything. |
| 183 | In any emacs the cperl-mode (M-x cperl-mode) gives you perhaps the |
| 184 | best available Perl editing mode in any editor. |
| 185 | |
| 186 | For Windows editors: you can download GNU Emacs |
| 187 | (http://www.gnu.org/software/emacs/windows/ntemacs.html) or XEmacs |
| 188 | (http://www.xemacs.org/Download/index.html), or a vi clone such as |
| 189 | Elvis (ftp://ftp.cs.pdx.edu/pub/elvis/, http://www.fh-wedel.de/elvis/), |
| 190 | Vile (http://vile.cx), or Vim (http://www.vim.org/) |
| 191 | (win32: http://www.cs.vu.nl/%7Etmgil/vi.html). |
| 192 | For vi lovers in general, Windows or elsewhere: |
| 193 | http://www.thomer.com/thomer/vi/vi.html. |
| 194 | |
| 195 | nvi (http://www.bostic.com/vi/, available from CPAN in src/misc/) is |
| 196 | yet another vi clone, unfortunately not available for Windows, but in |
| 197 | UNIX platforms you might be interested in trying it out, firstly because |
| 198 | strictly speaking it is not a vi clone, it is the real vi, or the new |
| 199 | incarnation of it, and secondly because you can embed Perl inside it |
| 200 | to use Perl as the scripting language. nvi is not alone in this, |
| 201 | though: at least also vim and vile offer an embedded Perl. |
| 202 | |
| 203 | The following are Win32 multilanguage editor/IDESs that support Perl: |
| 204 | Codewright (http://www.starbase.com/), MultiEdit (http://www.MultiEdit.com/), |
| 205 | SlickEdit (http://www.slickedit.com/). |
| 206 | |
| 207 | There is also a toyedit Text widget based editor written in Perl |
| 208 | that is distributed with the Tk module on CPAN. The ptkdb |
| 209 | (http://world.std.com/~aep/ptkdb/) is a Perl/tk based debugger that |
| 210 | acts as a development environment of sorts. Perl Composer |
| 211 | (http://perlcomposer.sourceforge.net/vperl.html) is an IDE for Perl/Tk |
| 212 | GUI creation. |
| 213 | |
| 214 | In addition to an editor/IDE you might be interested in a more |
| 215 | powerful shell environment for Win32. Your options include the Bash |
| 216 | from the Cygwin package (http://sources.redhat.com/cygwin/), or the |
| 217 | Ksh from the MKS Toolkit (http://www.mks.com/), or the Bourne shell of |
| 218 | the U/WIN environment (http://www.research.att.com/sw/tools/uwin/), or |
| 219 | the Tcsh (ftp://ftp.astron.com/pub/tcsh/, see also |
| 220 | http://www.primate.wisc.edu/software/csh-tcsh-book/), or the Zsh |
| 221 | (ftp://ftp.blarg.net/users/amol/zsh/, see also http://www.zsh.org/). |
| 222 | MKS and U/WIN are commercial (U/WIN is free for educational and |
| 223 | research purposes), Cygwin is covered by the GNU Public License (but |
| 224 | that shouldn't matter for Perl use). The Cygwin, MKS, and U/WIN all |
| 225 | contain (in addition to the shells) a comprehensive set of standard |
| 226 | UNIX toolkit utilities. |
| 227 | |
| 228 | If you're transferring text files between Unix and Windows using FTP |
| 229 | be sure to transfer them in ASCII mode so the ends of lines are |
| 230 | appropriately converted. |
| 231 | |
| 232 | On Mac OS the MacPerl Application comes with a simple 32k text editor |
| 233 | that behaves like a rudimentary IDE. In contrast to the MacPerl Application |
| 234 | the MPW Perl tool can make use of the MPW Shell itself as an editor (with |
| 235 | no 32k limit). BBEdit and BBEdit Lite are text editors for Mac OS |
| 236 | that have a Perl sensitivity mode (http://web.barebones.com/). |
| 237 | Alpha is an editor, written and extensible in Tcl, that nonetheless has |
| 238 | built in support for several popular markup and programming languages |
| 239 | including Perl and HTML (http://alpha.olm.net/). Pepper and Pe are |
| 240 | programming language sensitive text editors for Mac OS X and BeOS |
| 241 | respectively (http://www.hekkelman.com). |
| 242 | |
| 243 | =head2 Where can I get Perl macros for vi? |
| 244 | |
| 245 | For a complete version of Tom Christiansen's vi configuration file, |
| 246 | see http://www.perl.com/CPAN/authors/Tom_Christiansen/scripts/toms.exrc.gz , |
| 247 | the standard benchmark file for vi emulators. The file runs best with nvi, |
| 248 | the current version of vi out of Berkeley, which incidentally can be built |
| 249 | with an embedded Perl interpreter--see http://www.perl.com/CPAN/src/misc. |
| 250 | |
| 251 | =head2 Where can I get perl-mode for emacs? |
| 252 | |
| 253 | Since Emacs version 19 patchlevel 22 or so, there have been both a |
| 254 | perl-mode.el and support for the Perl debugger built in. These should |
| 255 | come with the standard Emacs 19 distribution. |
| 256 | |
| 257 | In the Perl source directory, you'll find a directory called "emacs", |
| 258 | which contains a cperl-mode that color-codes keywords, provides |
| 259 | context-sensitive help, and other nifty things. |
| 260 | |
| 261 | Note that the perl-mode of emacs will have fits with C<"main'foo"> |
| 262 | (single quote), and mess up the indentation and highlighting. You |
| 263 | are probably using C<"main::foo"> in new Perl code anyway, so this |
| 264 | shouldn't be an issue. |
| 265 | |
| 266 | =head2 How can I use curses with Perl? |
| 267 | |
| 268 | The Curses module from CPAN provides a dynamically loadable object |
| 269 | module interface to a curses library. A small demo can be found at the |
| 270 | directory http://www.perl.com/CPAN/authors/Tom_Christiansen/scripts/rep; |
| 271 | this program repeats a command and updates the screen as needed, rendering |
| 272 | B<rep ps axu> similar to B<top>. |
| 273 | |
| 274 | =head2 How can I use X or Tk with Perl? |
| 275 | |
| 276 | Tk is a completely Perl-based, object-oriented interface to the Tk toolkit |
| 277 | that doesn't force you to use Tcl just to get at Tk. Sx is an interface |
| 278 | to the Athena Widget set. Both are available from CPAN. See the |
| 279 | directory http://www.perl.com/CPAN/modules/by-category/08_User_Interfaces/ |
| 280 | |
| 281 | Invaluable for Perl/Tk programming are the Perl/Tk FAQ at |
| 282 | http://w4.lns.cornell.edu/%7Epvhp/ptk/ptkTOC.html , the Perl/Tk Reference |
| 283 | Guide available at |
| 284 | http://www.perl.com/CPAN-local/authors/Stephen_O_Lidie/ , and the |
| 285 | online manpages at |
| 286 | http://www-users.cs.umn.edu/%7Eamundson/perl/perltk/toc.html . |
| 287 | |
| 288 | =head2 How can I generate simple menus without using CGI or Tk? |
| 289 | |
| 290 | The http://www.perl.com/CPAN/authors/id/SKUNZ/perlmenu.v4.0.tar.gz |
| 291 | module, which is curses-based, can help with this. |
| 292 | |
| 293 | =head2 What is undump? |
| 294 | |
| 295 | See the next question on ``How can I make my Perl program run faster?'' |
| 296 | |
| 297 | =head2 How can I make my Perl program run faster? |
| 298 | |
| 299 | The best way to do this is to come up with a better algorithm. This |
| 300 | can often make a dramatic difference. Jon Bentley's book |
| 301 | ``Programming Pearls'' (that's not a misspelling!) has some good tips |
| 302 | on optimization, too. Advice on benchmarking boils down to: benchmark |
| 303 | and profile to make sure you're optimizing the right part, look for |
| 304 | better algorithms instead of microtuning your code, and when all else |
| 305 | fails consider just buying faster hardware. |
| 306 | |
| 307 | A different approach is to autoload seldom-used Perl code. See the |
| 308 | AutoSplit and AutoLoader modules in the standard distribution for |
| 309 | that. Or you could locate the bottleneck and think about writing just |
| 310 | that part in C, the way we used to take bottlenecks in C code and |
| 311 | write them in assembler. Similar to rewriting in C, |
| 312 | modules that have critical sections can be written in C (for instance, the |
| 313 | PDL module from CPAN). |
| 314 | |
| 315 | In some cases, it may be worth it to use the backend compiler to |
| 316 | produce byte code (saving compilation time) or compile into C, which |
| 317 | will certainly save compilation time and sometimes a small amount (but |
| 318 | not much) execution time. See the question about compiling your Perl |
| 319 | programs for more on the compiler--the wins aren't as obvious as you'd |
| 320 | hope. |
| 321 | |
| 322 | If you're currently linking your perl executable to a shared I<libc.so>, |
| 323 | you can often gain a 10-25% performance benefit by rebuilding it to |
| 324 | link with a static libc.a instead. This will make a bigger perl |
| 325 | executable, but your Perl programs (and programmers) may thank you for |
| 326 | it. See the F<INSTALL> file in the source distribution for more |
| 327 | information. |
| 328 | |
| 329 | Unsubstantiated reports allege that Perl interpreters that use sfio |
| 330 | outperform those that don't (for I/O intensive applications). To try |
| 331 | this, see the F<INSTALL> file in the source distribution, especially |
| 332 | the ``Selecting File I/O mechanisms'' section. |
| 333 | |
| 334 | The undump program was an old attempt to speed up your Perl program |
| 335 | by storing the already-compiled form to disk. This is no longer |
| 336 | a viable option, as it only worked on a few architectures, and |
| 337 | wasn't a good solution anyway. |
| 338 | |
| 339 | =head2 How can I make my Perl program take less memory? |
| 340 | |
| 341 | When it comes to time-space tradeoffs, Perl nearly always prefers to |
| 342 | throw memory at a problem. Scalars in Perl use more memory than |
| 343 | strings in C, arrays take more than that, and hashes use even more. While |
| 344 | there's still a lot to be done, recent releases have been addressing |
| 345 | these issues. For example, as of 5.004, duplicate hash keys are |
| 346 | shared amongst all hashes using them, so require no reallocation. |
| 347 | |
| 348 | In some cases, using substr() or vec() to simulate arrays can be |
| 349 | highly beneficial. For example, an array of a thousand booleans will |
| 350 | take at least 20,000 bytes of space, but it can be turned into one |
| 351 | 125-byte bit vector--a considerable memory savings. The standard |
| 352 | Tie::SubstrHash module can also help for certain types of data |
| 353 | structure. If you're working with specialist data structures |
| 354 | (matrices, for instance) modules that implement these in C may use |
| 355 | less memory than equivalent Perl modules. |
| 356 | |
| 357 | Another thing to try is learning whether your Perl was compiled with |
| 358 | the system malloc or with Perl's builtin malloc. Whichever one it |
| 359 | is, try using the other one and see whether this makes a difference. |
| 360 | Information about malloc is in the F<INSTALL> file in the source |
| 361 | distribution. You can find out whether you are using perl's malloc by |
| 362 | typing C<perl -V:usemymalloc>. |
| 363 | |
| 364 | =head2 Is it unsafe to return a pointer to local data? |
| 365 | |
| 366 | No, Perl's garbage collection system takes care of this. |
| 367 | |
| 368 | sub makeone { |
| 369 | my @a = ( 1 .. 10 ); |
| 370 | return \@a; |
| 371 | } |
| 372 | |
| 373 | for $i ( 1 .. 10 ) { |
| 374 | push @many, makeone(); |
| 375 | } |
| 376 | |
| 377 | print $many[4][5], "\n"; |
| 378 | |
| 379 | print "@many\n"; |
| 380 | |
| 381 | =head2 How can I free an array or hash so my program shrinks? |
| 382 | |
| 383 | You can't. On most operating systems, memory allocated to a program |
| 384 | can never be returned to the system. That's why long-running programs |
| 385 | sometimes re-exec themselves. Some operating systems (notably, |
| 386 | FreeBSD and Linux) allegedly reclaim large chunks of memory that is no |
| 387 | longer used, but it doesn't appear to happen with Perl (yet). The Mac |
| 388 | appears to be the only platform that will reliably (albeit, slowly) |
| 389 | return memory to the OS. |
| 390 | |
| 391 | We've had reports that on Linux (Redhat 5.1) on Intel, C<undef |
| 392 | $scalar> will return memory to the system, while on Solaris 2.6 it |
| 393 | won't. In general, try it yourself and see. |
| 394 | |
| 395 | However, judicious use of my() on your variables will help make sure |
| 396 | that they go out of scope so that Perl can free up that space for |
| 397 | use in other parts of your program. A global variable, of course, never |
| 398 | goes out of scope, so you can't get its space automatically reclaimed, |
| 399 | although undef()ing and/or delete()ing it will achieve the same effect. |
| 400 | In general, memory allocation and de-allocation isn't something you can |
| 401 | or should be worrying about much in Perl, but even this capability |
| 402 | (preallocation of data types) is in the works. |
| 403 | |
| 404 | =head2 How can I make my CGI script more efficient? |
| 405 | |
| 406 | Beyond the normal measures described to make general Perl programs |
| 407 | faster or smaller, a CGI program has additional issues. It may be run |
| 408 | several times per second. Given that each time it runs it will need |
| 409 | to be re-compiled and will often allocate a megabyte or more of system |
| 410 | memory, this can be a killer. Compiling into C B<isn't going to help |
| 411 | you> because the process start-up overhead is where the bottleneck is. |
| 412 | |
| 413 | There are two popular ways to avoid this overhead. One solution |
| 414 | involves running the Apache HTTP server (available from |
| 415 | http://www.apache.org/) with either of the mod_perl or mod_fastcgi |
| 416 | plugin modules. |
| 417 | |
| 418 | With mod_perl and the Apache::Registry module (distributed with |
| 419 | mod_perl), httpd will run with an embedded Perl interpreter which |
| 420 | pre-compiles your script and then executes it within the same address |
| 421 | space without forking. The Apache extension also gives Perl access to |
| 422 | the internal server API, so modules written in Perl can do just about |
| 423 | anything a module written in C can. For more on mod_perl, see |
| 424 | http://perl.apache.org/ |
| 425 | |
| 426 | With the FCGI module (from CPAN) and the mod_fastcgi |
| 427 | module (available from http://www.fastcgi.com/) each of your Perl |
| 428 | programs becomes a permanent CGI daemon process. |
| 429 | |
| 430 | Both of these solutions can have far-reaching effects on your system |
| 431 | and on the way you write your CGI programs, so investigate them with |
| 432 | care. |
| 433 | |
| 434 | See http://www.perl.com/CPAN/modules/by-category/15_World_Wide_Web_HTML_HTTP_CGI/ . |
| 435 | |
| 436 | A non-free, commercial product, ``The Velocity Engine for Perl'', |
| 437 | (http://www.binevolve.com/ or http://www.binevolve.com/velocigen/ ) |
| 438 | might also be worth looking at. It will allow you to increase the |
| 439 | performance of your Perl programs, running programs up to 25 times |
| 440 | faster than normal CGI Perl when running in persistent Perl mode or 4 |
| 441 | to 5 times faster without any modification to your existing CGI |
| 442 | programs. Fully functional evaluation copies are available from the |
| 443 | web site. |
| 444 | |
| 445 | =head2 How can I hide the source for my Perl program? |
| 446 | |
| 447 | Delete it. :-) Seriously, there are a number of (mostly |
| 448 | unsatisfactory) solutions with varying levels of ``security''. |
| 449 | |
| 450 | First of all, however, you I<can't> take away read permission, because |
| 451 | the source code has to be readable in order to be compiled and |
| 452 | interpreted. (That doesn't mean that a CGI script's source is |
| 453 | readable by people on the web, though--only by people with access to |
| 454 | the filesystem.) So you have to leave the permissions at the socially |
| 455 | friendly 0755 level. |
| 456 | |
| 457 | Some people regard this as a security problem. If your program does |
| 458 | insecure things and relies on people not knowing how to exploit those |
| 459 | insecurities, it is not secure. It is often possible for someone to |
| 460 | determine the insecure things and exploit them without viewing the |
| 461 | source. Security through obscurity, the name for hiding your bugs |
| 462 | instead of fixing them, is little security indeed. |
| 463 | |
| 464 | You can try using encryption via source filters (Filter::* from CPAN), |
| 465 | but any decent programmer will be able to decrypt it. You can try using |
| 466 | the byte code compiler and interpreter described below, but the curious |
| 467 | might still be able to de-compile it. You can try using the native-code |
| 468 | compiler described below, but crackers might be able to disassemble it. |
| 469 | These pose varying degrees of difficulty to people wanting to get at |
| 470 | your code, but none can definitively conceal it (true of every |
| 471 | language, not just Perl). |
| 472 | |
| 473 | If you're concerned about people profiting from your code, then the |
| 474 | bottom line is that nothing but a restrictive license will give you |
| 475 | legal security. License your software and pepper it with threatening |
| 476 | statements like ``This is unpublished proprietary software of XYZ Corp. |
| 477 | Your access to it does not give you permission to use it blah blah |
| 478 | blah.'' We are not lawyers, of course, so you should see a lawyer if |
| 479 | you want to be sure your license's wording will stand up in court. |
| 480 | |
| 481 | =head2 How can I compile my Perl program into byte code or C? |
| 482 | |
| 483 | Malcolm Beattie has written a multifunction backend compiler, |
| 484 | available from CPAN, that can do both these things. It is included |
| 485 | in the perl5.005 release, but is still considered experimental. |
| 486 | This means it's fun to play with if you're a programmer but not |
| 487 | really for people looking for turn-key solutions. |
| 488 | |
| 489 | Merely compiling into C does not in and of itself guarantee that your |
| 490 | code will run very much faster. That's because except for lucky cases |
| 491 | where a lot of native type inferencing is possible, the normal Perl |
| 492 | run-time system is still present and so your program will take just as |
| 493 | long to run and be just as big. Most programs save little more than |
| 494 | compilation time, leaving execution no more than 10-30% faster. A few |
| 495 | rare programs actually benefit significantly (even running several times |
| 496 | faster), but this takes some tweaking of your code. |
| 497 | |
| 498 | You'll probably be astonished to learn that the current version of the |
| 499 | compiler generates a compiled form of your script whose executable is |
| 500 | just as big as the original perl executable, and then some. That's |
| 501 | because as currently written, all programs are prepared for a full |
| 502 | eval() statement. You can tremendously reduce this cost by building a |
| 503 | shared I<libperl.so> library and linking against that. See the |
| 504 | F<INSTALL> podfile in the Perl source distribution for details. If |
| 505 | you link your main perl binary with this, it will make it minuscule. |
| 506 | For example, on one author's system, F</usr/bin/perl> is only 11k in |
| 507 | size! |
| 508 | |
| 509 | In general, the compiler will do nothing to make a Perl program smaller, |
| 510 | faster, more portable, or more secure. In fact, it can make your |
| 511 | situation worse. The executable will be bigger, your VM system may take |
| 512 | longer to load the whole thing, the binary is fragile and hard to fix, |
| 513 | and compilation never stopped software piracy in the form of crackers, |
| 514 | viruses, or bootleggers. The real advantage of the compiler is merely |
| 515 | packaging, and once you see the size of what it makes (well, unless |
| 516 | you use a shared I<libperl.so>), you'll probably want a complete |
| 517 | Perl install anyway. |
| 518 | |
| 519 | =head2 How can I compile Perl into Java? |
| 520 | |
| 521 | You can also integrate Java and Perl with the |
| 522 | Perl Resource Kit from O'Reilly and Associates. See |
| 523 | http://www.oreilly.com/catalog/prkunix/ . |
| 524 | |
| 525 | Perl 5.6 comes with Java Perl Lingo, or JPL. JPL, still in |
| 526 | development, allows Perl code to be called from Java. See jpl/README |
| 527 | in the Perl source tree. |
| 528 | |
| 529 | =head2 How can I get C<#!perl> to work on [MS-DOS,NT,...]? |
| 530 | |
| 531 | For OS/2 just use |
| 532 | |
| 533 | extproc perl -S -your_switches |
| 534 | |
| 535 | as the first line in C<*.cmd> file (C<-S> due to a bug in cmd.exe's |
| 536 | `extproc' handling). For DOS one should first invent a corresponding |
| 537 | batch file and codify it in C<ALTERNATIVE_SHEBANG> (see the |
| 538 | F<INSTALL> file in the source distribution for more information). |
| 539 | |
| 540 | The Win95/NT installation, when using the ActiveState port of Perl, |
| 541 | will modify the Registry to associate the C<.pl> extension with the |
| 542 | perl interpreter. If you install another port, perhaps even building |
| 543 | your own Win95/NT Perl from the standard sources by using a Windows port |
| 544 | of gcc (e.g., with cygwin or mingw32), then you'll have to modify |
| 545 | the Registry yourself. In addition to associating C<.pl> with the |
| 546 | interpreter, NT people can use: C<SET PATHEXT=%PATHEXT%;.PL> to let them |
| 547 | run the program C<install-linux.pl> merely by typing C<install-linux>. |
| 548 | |
| 549 | Macintosh Perl programs will have the appropriate Creator and |
| 550 | Type, so that double-clicking them will invoke the Perl application. |
| 551 | |
| 552 | I<IMPORTANT!>: Whatever you do, PLEASE don't get frustrated, and just |
| 553 | throw the perl interpreter into your cgi-bin directory, in order to |
| 554 | get your programs working for a web server. This is an EXTREMELY big |
| 555 | security risk. Take the time to figure out how to do it correctly. |
| 556 | |
| 557 | =head2 Can I write useful Perl programs on the command line? |
| 558 | |
| 559 | Yes. Read L<perlrun> for more information. Some examples follow. |
| 560 | (These assume standard Unix shell quoting rules.) |
| 561 | |
| 562 | # sum first and last fields |
| 563 | perl -lane 'print $F[0] + $F[-1]' * |
| 564 | |
| 565 | # identify text files |
| 566 | perl -le 'for(@ARGV) {print if -f && -T _}' * |
| 567 | |
| 568 | # remove (most) comments from C program |
| 569 | perl -0777 -pe 's{/\*.*?\*/}{}gs' foo.c |
| 570 | |
| 571 | # make file a month younger than today, defeating reaper daemons |
| 572 | perl -e '$X=24*60*60; utime(time(),time() + 30 * $X,@ARGV)' * |
| 573 | |
| 574 | # find first unused uid |
| 575 | perl -le '$i++ while getpwuid($i); print $i' |
| 576 | |
| 577 | # display reasonable manpath |
| 578 | echo $PATH | perl -nl -072 -e ' |
| 579 | s![^/+]*$!man!&&-d&&!$s{$_}++&&push@m,$_;END{print"@m"}' |
| 580 | |
| 581 | OK, the last one was actually an Obfuscated Perl Contest entry. :-) |
| 582 | |
| 583 | =head2 Why don't Perl one-liners work on my DOS/Mac/VMS system? |
| 584 | |
| 585 | The problem is usually that the command interpreters on those systems |
| 586 | have rather different ideas about quoting than the Unix shells under |
| 587 | which the one-liners were created. On some systems, you may have to |
| 588 | change single-quotes to double ones, which you must I<NOT> do on Unix |
| 589 | or Plan9 systems. You might also have to change a single % to a %%. |
| 590 | |
| 591 | For example: |
| 592 | |
| 593 | # Unix |
| 594 | perl -e 'print "Hello world\n"' |
| 595 | |
| 596 | # DOS, etc. |
| 597 | perl -e "print \"Hello world\n\"" |
| 598 | |
| 599 | # Mac |
| 600 | print "Hello world\n" |
| 601 | (then Run "Myscript" or Shift-Command-R) |
| 602 | |
| 603 | # VMS |
| 604 | perl -e "print ""Hello world\n""" |
| 605 | |
| 606 | The problem is that none of these examples are reliable: they depend on the |
| 607 | command interpreter. Under Unix, the first two often work. Under DOS, |
| 608 | it's entirely possible that neither works. If 4DOS was the command shell, |
| 609 | you'd probably have better luck like this: |
| 610 | |
| 611 | perl -e "print <Ctrl-x>"Hello world\n<Ctrl-x>"" |
| 612 | |
| 613 | Under the Mac, it depends which environment you are using. The MacPerl |
| 614 | shell, or MPW, is much like Unix shells in its support for several |
| 615 | quoting variants, except that it makes free use of the Mac's non-ASCII |
| 616 | characters as control characters. |
| 617 | |
| 618 | Using qq(), q(), and qx(), instead of "double quotes", 'single |
| 619 | quotes', and `backticks`, may make one-liners easier to write. |
| 620 | |
| 621 | There is no general solution to all of this. It is a mess, pure and |
| 622 | simple. Sucks to be away from Unix, huh? :-) |
| 623 | |
| 624 | [Some of this answer was contributed by Kenneth Albanowski.] |
| 625 | |
| 626 | =head2 Where can I learn about CGI or Web programming in Perl? |
| 627 | |
| 628 | For modules, get the CGI or LWP modules from CPAN. For textbooks, |
| 629 | see the two especially dedicated to web stuff in the question on |
| 630 | books. For problems and questions related to the web, like ``Why |
| 631 | do I get 500 Errors'' or ``Why doesn't it run from the browser right |
| 632 | when it runs fine on the command line'', see these sources: |
| 633 | |
| 634 | WWW Security FAQ |
| 635 | http://www.w3.org/Security/Faq/ |
| 636 | |
| 637 | Web FAQ |
| 638 | http://www.boutell.com/faq/ |
| 639 | |
| 640 | CGI FAQ |
| 641 | http://www.webthing.com/tutorials/cgifaq.html |
| 642 | |
| 643 | HTTP Spec |
| 644 | http://www.w3.org/pub/WWW/Protocols/HTTP/ |
| 645 | |
| 646 | HTML Spec |
| 647 | http://www.w3.org/TR/REC-html40/ |
| 648 | http://www.w3.org/pub/WWW/MarkUp/ |
| 649 | |
| 650 | CGI Spec |
| 651 | http://www.w3.org/CGI/ |
| 652 | |
| 653 | CGI Security FAQ |
| 654 | http://www.go2net.com/people/paulp/cgi-security/safe-cgi.txt |
| 655 | |
| 656 | =head2 Where can I learn about object-oriented Perl programming? |
| 657 | |
| 658 | A good place to start is L<perltoot>, and you can use L<perlobj>, |
| 659 | L<perlboot>, and L<perlbot> for reference. Perltoot didn't come out |
| 660 | until the 5.004 release; you can get a copy (in pod, html, or |
| 661 | postscript) from http://www.perl.com/CPAN/doc/FMTEYEWTK/ . |
| 662 | |
| 663 | =head2 Where can I learn about linking C with Perl? [h2xs, xsubpp] |
| 664 | |
| 665 | If you want to call C from Perl, start with L<perlxstut>, |
| 666 | moving on to L<perlxs>, L<xsubpp>, and L<perlguts>. If you want to |
| 667 | call Perl from C, then read L<perlembed>, L<perlcall>, and |
| 668 | L<perlguts>. Don't forget that you can learn a lot from looking at |
| 669 | how the authors of existing extension modules wrote their code and |
| 670 | solved their problems. |
| 671 | |
| 672 | =head2 I've read perlembed, perlguts, etc., but I can't embed perl in |
| 673 | my C program; what am I doing wrong? |
| 674 | |
| 675 | Download the ExtUtils::Embed kit from CPAN and run `make test'. If |
| 676 | the tests pass, read the pods again and again and again. If they |
| 677 | fail, see L<perlbug> and send a bug report with the output of |
| 678 | C<make test TEST_VERBOSE=1> along with C<perl -V>. |
| 679 | |
| 680 | =head2 When I tried to run my script, I got this message. What does it |
| 681 | mean? |
| 682 | |
| 683 | A complete list of Perl's error messages and warnings with explanatory |
| 684 | text can be found in L<perldiag>. You can also use the splain program |
| 685 | (distributed with Perl) to explain the error messages: |
| 686 | |
| 687 | perl program 2>diag.out |
| 688 | splain [-v] [-p] diag.out |
| 689 | |
| 690 | or change your program to explain the messages for you: |
| 691 | |
| 692 | use diagnostics; |
| 693 | |
| 694 | or |
| 695 | |
| 696 | use diagnostics -verbose; |
| 697 | |
| 698 | =head2 What's MakeMaker? |
| 699 | |
| 700 | This module (part of the standard Perl distribution) is designed to |
| 701 | write a Makefile for an extension module from a Makefile.PL. For more |
| 702 | information, see L<ExtUtils::MakeMaker>. |
| 703 | |
| 704 | =head1 AUTHOR AND COPYRIGHT |
| 705 | |
| 706 | Copyright (c) 1997-1999 Tom Christiansen and Nathan Torkington. |
| 707 | All rights reserved. |
| 708 | |
| 709 | When included as an integrated part of the Standard Distribution |
| 710 | of Perl or of its documentation (printed or otherwise), this works is |
| 711 | covered under Perl's Artistic License. For separate distributions of |
| 712 | all or part of this FAQ outside of that, see L<perlfaq>. |
| 713 | |
| 714 | Irrespective of its distribution, all code examples here are in the public |
| 715 | domain. You are permitted and encouraged to use this code and any |
| 716 | derivatives thereof in your own programs for fun or for profit as you |
| 717 | see fit. A simple comment in the code giving credit to the FAQ would |
| 718 | be courteous but is not required. |