Matt's Script Archive
Encyclopedia
Matt's Script Archive is a collection of CGI
scripts written in Perl
. Started in 1995 by Matt Wright (at the time a high school student in Fort Collins, Colorado), the archive contains about a dozen free scripts, designed to be easily added to a site and configured. One of the scripts, FormMail
, is claimed to be the most popular CGI script on the World Wide Web
, with over 2 million downloads since 1997.
As the scripts grew in popularity they were criticized for being insecure. The FormMail.pl script, in particular, was exploited by spammers
to send junk email. SecurityFocus put attacks based on FormMail.pl third in their list of the Top Attacks for the 1st Quarter of 2002. As Perl 5 became more mature, norms in the community changed to encourage use of modules such as CGI.pm
and code safety features such as strictures and taint checking; the scripts in Matt's Script Archive, however, did not follow these changes, and as a result (and also because Matt Wright wrote much of the code when he was a less-experienced programmer) tend to be buggy. Experienced Perl programmers usually recommend against the use of these scripts, and the London Perl Mongers started an effort called nms to write drop-in replacements for them. Matt Wright himself has recommended using the nms scripts, saying:
Most of the scripts at Matt's Script Archive ceased to be updated after 1996, with the exception of major security flaws or bugs.
Common Gateway Interface
The Common Gateway Interface is a standard method for web servers software to delegate the generation of web pages to executable files...
scripts written in Perl
Perl
Perl is a high-level, general-purpose, interpreted, dynamic programming language. Perl was originally developed by Larry Wall in 1987 as a general-purpose Unix scripting language to make report processing easier. Since then, it has undergone many changes and revisions and become widely popular...
. Started in 1995 by Matt Wright (at the time a high school student in Fort Collins, Colorado), the archive contains about a dozen free scripts, designed to be easily added to a site and configured. One of the scripts, FormMail
FormMail
Formmail and its many variants, is a free open source web server CGI script that captures and processes form contents and then typically e-mails them to one or more recipients....
, is claimed to be the most popular CGI script on the World Wide Web
World Wide Web
The World Wide Web is a system of interlinked hypertext documents accessed via the Internet...
, with over 2 million downloads since 1997.
As the scripts grew in popularity they were criticized for being insecure. The FormMail.pl script, in particular, was exploited by spammers
Spam email delivery
Since Internet users and system administrators have deployed a vast array of techniques to block, filter, or otherwise banish spam from users' mailboxes and almost all Internet service providers forbid the use of their services to send spam or to operate spam-support services, special techniques...
to send junk email. SecurityFocus put attacks based on FormMail.pl third in their list of the Top Attacks for the 1st Quarter of 2002. As Perl 5 became more mature, norms in the community changed to encourage use of modules such as CGI.pm
CGI.pm
CGI.pm is a large and widely used Perl module for programming Common Gateway Interface web applications, providing a consistent API for receiving user input and producing HTML or XHTML output....
and code safety features such as strictures and taint checking; the scripts in Matt's Script Archive, however, did not follow these changes, and as a result (and also because Matt Wright wrote much of the code when he was a less-experienced programmer) tend to be buggy. Experienced Perl programmers usually recommend against the use of these scripts, and the London Perl Mongers started an effort called nms to write drop-in replacements for them. Matt Wright himself has recommended using the nms scripts, saying:
I would highly recommend downloading the nms versions if you wish to learn CGI programming. The code you find at Matt's Script Archive is not representative of how even I would code these days.
Most of the scripts at Matt's Script Archive ceased to be updated after 1996, with the exception of major security flaws or bugs.