asked on

Grab Value For Script and How To Use It

our customers, after payinging, end up at a page with the code below, then they click on the submit button on the
page:
form.html-----------------------------

<html>
<body bgcolor="#FFFFFF">
<center>
<table width="600">
<tr><td colspan="2"> rcpt header
</td></tr>
<tr>
<td align="center" colspan="2">
<form method="POST" action="http://www.mydomain.com/cgi-bin/myscript.cgi">

<input type="hidden" name="INVOICE" value="1001">

<input type="hidden" name="DESCRIPTION" value="">

<input type="hidden" name="AMOUNT" value="$1.00">

<input type="hidden" name="CUSTID" value="4">

<input type="hidden" name="TYPE" value="NA">

<input type="hidden" name="METHOD" value="MasterCard">

<input type="hidden" name="NAME" value="vern keller">

<input type="hidden" name="ADDRESS" value="1922 some rd">

<input type="hidden" name="CITY" value="phoenix">

<input type="hidden" name="STATE" value="or">

<input type="hidden" name="ZIP" value="82370">

<input type="hidden" name="COUNTRY" value="USA">

<input type="hidden" name="PHONE" value="212-673-4637">

<input type="hidden" name="FAX" value="">

<input type="hidden" name="EMAIL" value="admin@mydomain.com">
<input type="submit" value="Continue">
</form>
</td>
</tr>
</table>
</center>
</body>
</html>

----------------------------

What I need is to have the script it is posting to (myscript.cgi below)grab the CUSTID value (in the above example it is 4) and turn that into a variable at the very beginning of the script that I can use in an if/else........

myscript.cgi--------------------------------------------------

#!/usr/local/bin/perl
require "cfgdafpass.pl";
$goodreferer = "http://www.mydomain.com/testvk1.html";
$badferer = "http://www.mydomain.com/else.html";
$htpasswd_FILE = 'D:/host/123.456.789.12/http/test.txt';
$logfile = 'D:/host/123.456.789.12/http/dafcc.log';
$mailprog = '';
$cgiurl = 'http://www.mydomain.com/cgi-bin/myscript.cgi';
$aua = '1';
$adminmail = "admin\@mydomain.com";
$adminname = "admin";
$adminpwd = "http://www.mydomain.com/admin.pwd";
$homepage = "Daf Cc Signup";
$thirtydays = "2592000";
$user1 = "user1";
$pass1 = "ntpass1";

&parse;

if($FORM{'action'} eq "regform") { ®form; }
elsif($FORM{'action'} eq "reg") { ® }
elsif($FORM{'action'} eq "rmfrm") { &rmfrm; }
elsif($FORM{'u'} eq "Delete User") { &rm; }
elsif($FORM{'a'} eq "Admin Override") { &rma; }
elsif($FORM{'action'} eq "lupfrm") { &lupfrm; }
elsif($FORM{'action'} eq "lup") { &lup; }
elsif($FORM{'action'} eq "apfrm") { &changepass; }
elsif($FORM{'action'} eq "changepass2") { &changepass2; }
elsif($FORM{'action'} eq "gen") { &gen; }
elsif($FORM{'action'} eq "gen2") { &gen2; }
else { &menu; }

sub menu {
if ($ENV{'HTTP_REFERER'} ne $goodreferer) {
print "Location: $badreferer\n\n";
exit 0;
}
else
{
&Header("Signup","Signup");
print "<center><form action=\"$cgiurl\" method=\"POST\"><input type=\"hidden\" name=\"action\"
value=\"regform\">\n";
print "<input type=\"submit\" value=\"Choose Username and Password\"></form><p>\n";
print "<center><form action=\"$cgiurl\" method=\"POST\"><input type=\"hidden\" name=\"action\"
value=\"rmfrm\">\n";

&Footer;
}

sub regform
{
&Header("Choose","Choose","Username and Password");
print "<center><font color=#000080>Please fill out the form below:</font></center><br>\n";
print "<center><font color=#000080 size=-1><b>Correct email is required or membership will be
cancelled</b></font></center><p>\n";
print "<form method=\"POST\" action=\"$cgiurl\"><center>\n";
print "<table border=\"0\" width=\"45%\"><tr>\n";
print "<td width=\"41%\">Name:</td><td width=\"59%\">\n";
print "<input type=\"text\" name=\"name\" size=\"20\"></td></tr>\n";
print "<tr><td width=\"41%\">Email address:</td><td width=\"59%\">\n";
print "<input type=\"text\" name=\"email\" size=\"20\"></td></tr>\n";
print "<tr><td width=\"41%\">Login name:</td><td width=\"59%\">\n";
print "<input type=\"text\" name=\"username\" size=\"20\"></td></tr>\n";
print "<tr><td width=\"41%\">Password:</td><td width=\"59%\">\n";
print "<input type=\"password\" name=\"password\" size=\"20\"></td></tr>\n";
print "<tr><td width=\"41%\">And again:</td><td width=\"59%\">\n";
print "<input type=\"password\" name=\"password2\" size=\"20\"></td></tr>\n";
if($aua eq "0") {
print "<tr><td width=\"41%\">Admin Password:</td><td width=\"59%\">\n";
print "<input type=\"password\" name=\"adpasswd\" size=\"20\"></td></tr>\n";
}
print "</table><input type=\"hidden\" name=\"action\" value=\"reg\">\n";
print "<input type=\"submit\" value=\"Add User\"></form></center>\n";
&Footer;
}

sub reg
{
if($aua eq "0") {
open(ADM,"$adminpwd") || &error('File Error on password file');
$adm = <ADM>;
close(ADM);
if($FORM{'adpasswd'} eq $adm) { goto register; }
else { &error('Invalid password entered.'); }
}
else {
register:
open(HTPASS,"<$htpasswd_FILE") || &error('Could not find specified file');
@htpasswd = <HTPASS>;
close(HTPASS);

if($FORM{'username'} =~ /:/){&error('Do not use : in your username');}
if($FORM{'username'} =~ /\s/){&error('Do not use spaces in your username');}
if($FORM{'username'} eq ""){&error('No username entered');}
if($FORM{'password'} eq ""){&error('No password entered');}
if($FORM{'password'} ne $FORM{'password2'}){
&error('Your first password did not match your second');}
if(@match = grep(/^$FORM{'username'}:/, @htpasswd)){
&error("The username, $FORM{'username'} is already in use. Please click on back and choose another
one.");}

$salt1 = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./';
$salt = substr($salt1,rand(length($salt1)),1);
$salt .= substr($salt1,rand(length($salt1)),1);
$password = crypt($FORM{'password'},$salt);

{
$now = time();

$timeStr = &manageDate( $now );
print "\$now = $now\n\$timeStr = \"$timeStr\"\n";
}

sub manageDate
{
local( $time_t ) = @_;

($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime( $time_t );

$year += 1900;
$mon++;

$str = sprintf( "%4.4d-%2.2d-%2.2d", $year, $mon, $mday );

$str;
}

open(HTPASS,">>$htpasswd_FILE") || &error('Could not find specified file');
$datestr = &manageDate( $thirtydays+$now );
print HTPASS "$FORM{'username'}:$FORM{'password'}, $ntuser:$ntpass, $datestr\n";
close(HTPASS);

open(LOG, ">>$logfile") || &error('Could not find specified file');
print LOG "$FORM{'username'}|$FORM{'name'}|$FORM{'email'}|$FORM{'password'}|$timeStr\n";
close(LOG);

&Header("Membership Confirmation","Please Continue");
print "<center><font color=#000080>Thank You $FORM{'name'}!</font></center><p>\n";
print "<center>Please <a href=\"http://www.mydomain.com/home.htm\"><b>
CONTINUE</b></a></center>";
&Footer;
}
}
}

vernk

ASKER

Edited text of question

ASKER CERTIFIED SOLUTION

sdjjm

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

vernk

ASKER

sdjjm,
Thank you! I am truly a beginner, how would i get the CUSTID into a variable like $custid, and where would I do that in the script?

sdjjm

It's already in a usable variable called $value[3] after you call the parse subroutine, but if you don't like that name (or plan on parsing more form info later in your script), you can always assign another name to it like this
$custid = $value[3];

You would put that command right after your "&parse" subroutine call.
Your other data is also in the @value array by the way.... For example, your METHOD credit card info should be in $value[5]... It's always one less than the sequence in your HTML form, because the first field is stored in $value[0]... This would make the data from your first form field "INVOICE" available in $value[0]...
Hey, that's a heck of a script for a beginner! Good luck on it! :-)

vernk

ASKER

Thank you! I do appreciate the help......heres an xtra 50 for ya.....

vernk

ASKER

ok, i put the sub parse in rite after the &parse call and the new $custid variable in a place that should write that value to a file as part of a string......I put ##comments below......what did i do wrong?

#!/usr/local/bin/perl
require "cfgdafpass.pl";
$goodreferer = "http://www.mydomain.com/testvk1.html";
$badferer = "http://www.mydomain.com/else.html";
$htpasswd_FILE = 'D:/host/123.456.789.12/http/test.txt';
$logfile = 'D:/host/123.456.789.12/http/dafcc.log';
$mailprog = '';
$cgiurl = 'http://www.mydomain.com/cgi-bin/myscript.cgi';
$aua = '1';
$adminmail = "admin\@mydomain.com";
$adminname = "admin";
$adminpwd = "http://www.mydomain.com/admin.pwd";
$homepage = "Daf Cc Signup";
$thirtydays = "2592000";
$user1 = "user1";
$pass1 = "ntpass1";

&parse;
sub parse {
read(STDIN,$user_string,$ENV{'CONTENT_LENGTH'});
if (length($ENV{'QUERY_STRING'})>0) {$user_string=$ENV{'QUERY_STRING'}};
$user_string =~ s/\+/ /g;
@name_value_pairs = split(/&/,$user_string);
foreach $name_value_pair (@name_value_pairs) {
($keyword,$value) = split(/=/,$name_value_pair);
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/ge;
push(@value, "$value");
$user_data{$keyword} = $value;
};
};
##then i put this here
$custid = $value[3];

if($FORM{'action'} eq "regform") { &form; }
elsif($FORM{'action'} eq "reg") { ® }
elsif($FORM{'action'} eq "rmfrm") { &rmfrm; }
elsif($FORM{'u'} eq "Delete User") { &rm; }
elsif($FORM{'a'} eq "Admin Override") { &rma; }
elsif($FORM{'action'} eq "lupfrm") { &lupfrm; }
elsif($FORM{'action'} eq "lup") { &lup; }
elsif($FORM{'action'} eq "apfrm") { &changepass; }
elsif($FORM{'action'} eq "changepass2") { &changepass2; }
elsif($FORM{'action'} eq "gen") { &gen; }
elsif($FORM{'action'} eq "gen2") { &gen2; }
else { &menu; }

sub menu {
if ($ENV{'HTTP_REFERER'} ne $goodreferer) {
print "Location: $badreferer\n\n";
exit 0;
}
else
{
&Header("Signup","Signup");
print "<center><form action=\"$cgiurl\" method=\"POST\"><input type=\"hidden\" name=\"action\"
value=\"regform\">\n";
print "<input type=\"submit\" value=\"Choose Username and Password\"></form><p>\n";
print "<center><form action=\"$cgiurl\" method=\"POST\"><input type=\"hidden\" name=\"action\"
value=\"rmfrm\">\n";

&Footer;
}

sub regform
{
&Header("Choose","Choose","Username and Password");
print "<center><font color=#000080>Please fill out the form below:</font></center><br>\n";
print "<center><font color=#000080 size=-1><b>Correct email is required or membership will be
cancelled</b></font></center><p>\n";
print "<form method=\"POST\" action=\"$cgiurl\"><center>\n";
print "<table border=\"0\" width=\"45%\"><tr>\n";
print "<td width=\"41%\">Name:</td><td width=\"59%\">\n";
print "<input type=\"text\" name=\"name\" size=\"20\"></td></tr>\n";
print "<tr><td width=\"41%\">Email address:</td><td width=\"59%\">\n";
print "<input type=\"text\" name=\"email\" size=\"20\"></td></tr>\n";
print "<tr><td width=\"41%\">Login name:</td><td width=\"59%\">\n";
print "<input type=\"text\" name=\"username\" size=\"20\"></td></tr>\n";
print "<tr><td width=\"41%\">Password:</td><td width=\"59%\">\n";
print "<input type=\"password\" name=\"password\" size=\"20\"></td></tr>\n";
print "<tr><td width=\"41%\">And again:</td><td width=\"59%\">\n";
print "<input type=\"password\" name=\"password2\" size=\"20\"></td></tr>\n";
if($aua eq "0") {
print "<tr><td width=\"41%\">Admin Password:</td><td width=\"59%\">\n";
print "<input type=\"password\" name=\"adpasswd\" size=\"20\"></td></tr>\n";
}
print "</table><input type=\"hidden\" name=\"action\" value=\"reg\">\n";
print "<input type=\"submit\" value=\"Add User\"></form></center>\n";
&Footer;
}

sub reg
{
if($aua eq "0") {
open(ADM,"$adminpwd") || &error('File Error on password file');
$adm = <ADM>;
close(ADM);
if($FORM{'adpasswd'} eq $adm) { goto register; }
else { &error('Invalid password entered.'); }
}
else {
register:
open(HTPASS,"<$htpasswd_FILE") || &error('Could not find specified file');
@htpasswd = <HTPASS>;
close(HTPASS);

if($FORM{'username'} =~ /:/){&error('Do not use : in your username');}
if($FORM{'username'} =~ /\s/){&error('Do not use spaces in your username');}
if($FORM{'username'} eq ""){&error('No username entered');}
if($FORM{'password'} eq ""){&error('No password entered');}
if($FORM{'password'} ne $FORM{'password2'}){
&error('Your first password did not match your second');}
if(@match = grep(/^$FORM{'username'}:/, @htpasswd)){
&error("The username, $FORM{'username'} is already in use. Please click on back and choose another
one.");}

$salt1 = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./';
$salt = substr($salt1,rand(length($salt1)),1);
$salt .= substr($salt1,rand(length($salt1)),1);
$password = crypt($FORM{'password'},$salt);

{
$now = time();

$timeStr = &manageDate( $now );
print "\$now = $now\n\$timeStr = \"$timeStr\"\n";
}

sub manageDate
{
local( $time_t ) = @_;

($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime( $time_t );

$year += 1900;
$mon++;

$str = sprintf( "%4.4d-%2.2d-%2.2d", $year, $mon, $mday );

$str;
}

open(HTPASS,">>$htpasswd_FILE") || &error('Could not find specified file');
$datestr = &manageDate( $thirtydays+$now );
print HTPASS "$FORM{'username'}:$FORM{'password'},
##I want the value to print here, where i put $custid
$ntuser:$custid, $datestr\n";
close(HTPASS);

open(LOG, ">>$logfile") || &error('Could not find specified file');
print LOG "$FORM{'username'}|$FORM{'name'}|$FORM{'email'}|$FORM{'password'}|$timeStr\n";
close(LOG);

&Header("Membership Confirmation","Please Continue");
print "<center><font color=#000080>Thank You $FORM{'name'}!</font></center><p>\n";
print "<center>Please <a href=\"http://www.mydomain.com/home.htm\"><b>
CONTINUE</b></a></center>";
&Footer;
}
}
}

##I appreciate any help.....

sdjjm

What results are you getting? This is a pretty tough script to look through, but unless I'm missing it I don't see the variable $FORM being assigned anywhere. (Unless it's getting this data from someplace else you didn't paste here...)

Try adding a "print "$custid\n";" right after the "$custid = $value[3]; " to make sure your data is being assigned properly after your parse operation. If it is, then your problems are happening later down in the script. I always test new scripts by throwing in print statements that I later delete to show me if things are happening the way I want them to...

sdjjm

sheeesh!...server was acting funny and I had to hit the SUBMIT button 3 times before I got a response...sorry bout that :-)

vernk

ASKER

Hello again....i have been at this thing for 2 days....ahhhhhhh....ok, here is how it all works:

Customer gets reciept page (testvk.html) and pushes button that sends them, and
passes the CUSTID value to the passing.cgi script.

The passing.cgi script creates a button based on the CUSTID value that was passed from the
testvk.html page and the customer pushes it. This takes him to the dafpass.cgi script and passes
the CUSTID to the dafpass.cgi script where the customer enters their desired username:password
and the script writes to a log file (dafcc.txt) and a user:password file.
The dafpass.cgi uses the cfgdafpass.cgi for the header, footer, and parse functions.

I need to be able to reassign the $ntuser and $ntpass variables to new values based on the CUSTID
value for when the script writes to the log file and the user:pw files.

My problem is parsing and using the CUSTID value on the dafpass.cgi script

I have zipped up the files (except for the user:pw and log files) and put them on the web as a .zip file. If you want to take a look email me at admin@signworld.com

I will give you 200 points (not much, but almost all i got) if you can get the damn dafpass.cgi to the point where i can use the CUSTID value in it.........