Solved

Simple User validation

Posted on 2000-02-28
7
154 Views
Last Modified: 2013-12-24
I need users to veiw specific pages on my site, the pages they view depend on the User Name and password they use. I need this to be as simple as possible, without the use of databases etc.. The data is not particularly sensitive so the solution doesn't have to be very secure. I need the quick fix to prove to investors that the site works.

Any help would be much appreciated
0
Comment
Question by:gids_w
7 Comments
 
LVL 6

Expert Comment

by:Marine
Comment Utility
ok the problem you going to have is this. Every user that comes on the site must have the same password then as all other users. THen you simple check if the password he entered is the same as it's in hardcoded then you allow him to acces the site. Something like this.
<% If password = request.form("psw") then
   response.redirect "game.htm"
   end if
%>
0
 
LVL 3

Expert Comment

by:fibdev
Comment Utility
I think a simple text database with a cgi script is the way to go.  You could store the username, password, and url in the database, when the username is entered, the cgi-script compares the data to see if the password matches, then redirects to the url.
0
 
LVL 3

Expert Comment

by:fibdev
Comment Utility
The form might look something like this:

<form name="chkusr" method="post" action="../cgi-bin/usrdata.db">
  <p align="left">
  Username:&bnsp;<input name="user"><br>
  Password:&bnsp;<input name="pass"><br>
  <br>
  <br>
  <input type="submit" name="submit" value="submit">
  </p>
</form>


The datafile might be named "usrdata.db" and look something like this:

user1, password, http://fibdev.com
user2, password, http://www.experts-exchange.com
user3, password, http://www.download.com


Lastly, the cgi script may look something like this:

#!/usr/bin/perl
#
#
# Search user file and produce results
# Author: G. M. Faggiano
# Copyright 2000 Fibdev Software, Inc.
# All rights reserved
#
#
$datafile = "/www/cgi-bin/usrdata.db";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
    ($name, $value) = split(/=/, $pair);
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $value =~ s/~!/ ~!/g;
    $FORM{$name} = $value;
}

$searchstr = $FORM{'username'};

open(INF,$datafile);
@mydata = <INF>;
close(INF);
@results = grep(/$searchstr/i,@mydata);
print "Content-type:text/html\n\n";

if ($#results >= 0) {
    foreach $i (@results) {
      chomp($i);
      ($username, $password, $url) = split(/\|/,$i);

if $form{'password'} <> $password then
print "Incorrect password"
print "<a href="javascript:history(-1)>Back</a>

If $form{'password'} == $password then
sub MoveToWelcom {
      print "Location:$url \n\n";
            }

    }
} else {
    print "No results found.<p>\n";
}


There are probably serveral errors in this script, I didn't check it and perl is not my strong suit by any means.  This is just to give you an idea and if you show it to someone who knows perl, they can probably correct it or re-write it to suit your needs.

Good luck
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 3

Expert Comment

by:fibdev
Comment Utility
Fixes for the query cgi (still not free of bugs, recommend having it looked at)

#!/usr/bin/perl
#
#
# Search user file and produce results
# Author: G. M. Faggiano
# Copyright 2000 Fibdev Software, Inc.
# All rights reserved
#
#
$datafile = "/www/cgi-bin/usrdata.db";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
    ($name, $value) = split(/=/, $pair);
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $value =~ s/~!/ ~!/g;
    $FORM{$name} = $value;
}

$searchstr = $FORM{'user'};

open(INF,$datafile);
@mydata = <INF>;
close(INF);
@results = grep(/$searchstr/i,@mydata);
print "Content-type:text/html\n\n";

<<EndHTML
<html>
<head>
<title></title>
</head>
<body>
EndHTML;
if ($#results >= 0) {
    foreach $i (@results) {
chomp($i);
($user, $pass, $url) = split(/\|/,$i);

if $form{'password'} <> $pass then
print "Incorrect password"
print "<a href="javascript:history(-1)>Back</a>

If $form{'password'} == $pass then
sub MoveToWelcome {
print "Location:$url \n\n";
}

    }
} else {
    print "No results found.<p>\n";
}

<<EndHTML
</body>
</html>
EndHTML;





Use this one to write to the db file:

#!/usr/bin/perl
#=================================
# Data Entry Cgi
#=================================
print "Content-type:text/html\n\n";

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
    ($name, $value) = split(/=/, $pair);
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

    $value =~ s/\n/ /g;# added to strip line breaks

    $FORM{$name} = $value;
}

open(OUTF,">>/www/cgi-bin/usrdata.db") or dienice("Couldn't open
usrdata.db for writing: $!");

    print OUTF "$FORM{'user'}|$FORM{'pass'}|$FORM{'url'}\n";

    close(OUTF);


print <<EndHTML;
<html>
<head>
<title>Thank You</title>
</head>
<body link="#FFFFFF" vlink="#FFFFFF" alink="#00FFFF" bgcolor="#C0C0C0">
<h4>Thank You!</h4><br>
<hr size="1" width="80%"><br>
<p>Your entry has been added<br><br>
<a href="javascript:history.back(1)">Add another entry?</a><br>
</p>
</body></html>
EndHTML

sub dienice {
    my($msg) = @_;
    print "<h2>Error</h2>\n";
    print $msg;
    exit;
}

0
 

Accepted Solution

by:
mandyf earned 103 total points
Comment Utility
Hi gids w,

This is simple javascript to validation of user name and password. Hope to userful to you.

<HTML>
<HEAD>
<TITLE>Password protection</TITLE>
<SCRIPT language="javascript">
<!-- hide javascript from old browser
var password = prompt("Input your password !","")

if (password == 'abc') {
self.location = 'ok.html'
}

else {
self.location = 'wrong.html'
}

// done hiding -->
</SCRIPT>
<HEAD>
<BODY bgcolor="#ffffff"> </BODY>
</HTML>
0
 
LVL 1

Author Comment

by:gids_w
Comment Utility
Adjusted points to 103
0
 
LVL 1

Author Comment

by:gids_w
Comment Utility
Mandyf,
absolutely spot on, just what I needed, Thanks very much
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

When deciding to adopt any help desk solutions many factors should be explored before taking decisions. This will change from business to another but in general there are some kind of rule of thumb. Here are some quick tips: Do we need only ticket…
When setting up new project requests for our site, one of the most powerful tools our team has available to use is Axure (http://www.axure.com/). It’s a tool for creating software and web prototypes that can function and interact as if it were the a…
The purpose of this video is to demonstrate how to add AdSense Ads to a WordPress Website, and how to set up WordPress to automatically place Ads in Sidebars. This will be demonstrated using a Windows 8 PC. Log into your AdSense account. : Cli…
The purpose of this video is to demonstrate how to set up the permalinks on a WordPress Website. This will be demonstrated using a Windows 8 PC. Go to your WordPress login page. This will look like the following: mywebsite.com/wp-login.php : Go t…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now