gids_w
asked on
Simple User validation
I need users to veiw specific pages on my site, the pages they view depend on the User Name and password they use. I need this to be as simple as possible, without the use of databases etc.. The data is not particularly sensitive so the solution doesn't have to be very secure. I need the quick fix to prove to investors that the site works.
Any help would be much appreciated
Any help would be much appreciated
I think a simple text database with a cgi script is the way to go. You could store the username, password, and url in the database, when the username is entered, the cgi-script compares the data to see if the password matches, then redirects to the url.
The form might look something like this:
<form name="chkusr" method="post" action="../cgi-bin/usrdata .db">
<p align="left">
Username:&bnsp;<input name="user"><br>
Password:&bnsp;<input name="pass"><br>
<br>
<br>
<input type="submit" name="submit" value="submit">
</p>
</form>
The datafile might be named "usrdata.db" and look something like this:
user1, password, http://fibdev.com
user2, password, https://www.experts-exchange.com
user3, password, http://www.download.com
Lastly, the cgi script may look something like this:
#!/usr/bin/perl
#
#
# Search user file and produce results
# Author: G. M. Faggiano
# Copyright 2000 Fibdev Software, Inc.
# All rights reserved
#
#
$datafile = "/www/cgi-bin/usrdata.db";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9] )/pack("C" , hex($1))/eg;
$value =~ s/~!/ ~!/g;
$FORM{$name} = $value;
}
$searchstr = $FORM{'username'};
open(INF,$datafile);
@mydata = <INF>;
close(INF);
@results = grep(/$searchstr/i,@mydata );
print "Content-type:text/html\n\ n";
if ($#results >= 0) {
foreach $i (@results) {
chomp($i);
($username, $password, $url) = split(/\|/,$i);
if $form{'password'} <> $password then
print "Incorrect password"
print "<a href="javascript:history(- 1)>Back</a >
If $form{'password'} == $password then
sub MoveToWelcom {
print "Location:$url \n\n";
}
}
} else {
print "No results found.<p>\n";
}
There are probably serveral errors in this script, I didn't check it and perl is not my strong suit by any means. This is just to give you an idea and if you show it to someone who knows perl, they can probably correct it or re-write it to suit your needs.
Good luck
<form name="chkusr" method="post" action="../cgi-bin/usrdata
<p align="left">
Username:&bnsp;<input name="user"><br>
Password:&bnsp;<input name="pass"><br>
<br>
<br>
<input type="submit" name="submit" value="submit">
</p>
</form>
The datafile might be named "usrdata.db" and look something like this:
user1, password, http://fibdev.com
user2, password, https://www.experts-exchange.com
user3, password, http://www.download.com
Lastly, the cgi script may look something like this:
#!/usr/bin/perl
#
#
# Search user file and produce results
# Author: G. M. Faggiano
# Copyright 2000 Fibdev Software, Inc.
# All rights reserved
#
#
$datafile = "/www/cgi-bin/usrdata.db";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9]
$value =~ s/~!/ ~!/g;
$FORM{$name} = $value;
}
$searchstr = $FORM{'username'};
open(INF,$datafile);
@mydata = <INF>;
close(INF);
@results = grep(/$searchstr/i,@mydata
print "Content-type:text/html\n\
if ($#results >= 0) {
foreach $i (@results) {
chomp($i);
($username, $password, $url) = split(/\|/,$i);
if $form{'password'} <> $password then
print "Incorrect password"
print "<a href="javascript:history(-
If $form{'password'} == $password then
sub MoveToWelcom {
print "Location:$url \n\n";
}
}
} else {
print "No results found.<p>\n";
}
There are probably serveral errors in this script, I didn't check it and perl is not my strong suit by any means. This is just to give you an idea and if you show it to someone who knows perl, they can probably correct it or re-write it to suit your needs.
Good luck
Fixes for the query cgi (still not free of bugs, recommend having it looked at)
#!/usr/bin/perl
#
#
# Search user file and produce results
# Author: G. M. Faggiano
# Copyright 2000 Fibdev Software, Inc.
# All rights reserved
#
#
$datafile = "/www/cgi-bin/usrdata.db";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9] )/pack("C" , hex($1))/eg;
$value =~ s/~!/ ~!/g;
$FORM{$name} = $value;
}
$searchstr = $FORM{'user'};
open(INF,$datafile);
@mydata = <INF>;
close(INF);
@results = grep(/$searchstr/i,@mydata );
print "Content-type:text/html\n\ n";
<<EndHTML
<html>
<head>
<title></title>
</head>
<body>
EndHTML;
if ($#results >= 0) {
foreach $i (@results) {
chomp($i);
($user, $pass, $url) = split(/\|/,$i);
if $form{'password'} <> $pass then
print "Incorrect password"
print "<a href="javascript:history(- 1)>Back</a >
If $form{'password'} == $pass then
sub MoveToWelcome {
print "Location:$url \n\n";
}
}
} else {
print "No results found.<p>\n";
}
<<EndHTML
</body>
</html>
EndHTML;
Use this one to write to the db file:
#!/usr/bin/perl
#========================= ========
# Data Entry Cgi
#========================= ========
print "Content-type:text/html\n\ n";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9] )/pack("C" , hex($1))/eg;
$value =~ s/\n/ /g;# added to strip line breaks
$FORM{$name} = $value;
}
open(OUTF,">>/www/cgi-bin/ usrdata.db ") or dienice("Couldn't open
usrdata.db for writing: $!");
print OUTF "$FORM{'user'}|$FORM{'pass '}|$FORM{' url'}\n";
close(OUTF);
print <<EndHTML;
<html>
<head>
<title>Thank You</title>
</head>
<body link="#FFFFFF" vlink="#FFFFFF" alink="#00FFFF" bgcolor="#C0C0C0">
<h4>Thank You!</h4><br>
<hr size="1" width="80%"><br>
<p>Your entry has been added<br><br>
<a href="javascript:history.b ack(1)">Ad d another entry?</a><br>
</p>
</body></html>
EndHTML
sub dienice {
my($msg) = @_;
print "<h2>Error</h2>\n";
print $msg;
exit;
}
#!/usr/bin/perl
#
#
# Search user file and produce results
# Author: G. M. Faggiano
# Copyright 2000 Fibdev Software, Inc.
# All rights reserved
#
#
$datafile = "/www/cgi-bin/usrdata.db";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9]
$value =~ s/~!/ ~!/g;
$FORM{$name} = $value;
}
$searchstr = $FORM{'user'};
open(INF,$datafile);
@mydata = <INF>;
close(INF);
@results = grep(/$searchstr/i,@mydata
print "Content-type:text/html\n\
<<EndHTML
<html>
<head>
<title></title>
</head>
<body>
EndHTML;
if ($#results >= 0) {
foreach $i (@results) {
chomp($i);
($user, $pass, $url) = split(/\|/,$i);
if $form{'password'} <> $pass then
print "Incorrect password"
print "<a href="javascript:history(-
If $form{'password'} == $pass then
sub MoveToWelcome {
print "Location:$url \n\n";
}
}
} else {
print "No results found.<p>\n";
}
<<EndHTML
</body>
</html>
EndHTML;
Use this one to write to the db file:
#!/usr/bin/perl
#=========================
# Data Entry Cgi
#=========================
print "Content-type:text/html\n\
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9]
$value =~ s/\n/ /g;# added to strip line breaks
$FORM{$name} = $value;
}
open(OUTF,">>/www/cgi-bin/
usrdata.db for writing: $!");
print OUTF "$FORM{'user'}|$FORM{'pass
close(OUTF);
print <<EndHTML;
<html>
<head>
<title>Thank You</title>
</head>
<body link="#FFFFFF" vlink="#FFFFFF" alink="#00FFFF" bgcolor="#C0C0C0">
<h4>Thank You!</h4><br>
<hr size="1" width="80%"><br>
<p>Your entry has been added<br><br>
<a href="javascript:history.b
</p>
</body></html>
EndHTML
sub dienice {
my($msg) = @_;
print "<h2>Error</h2>\n";
print $msg;
exit;
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Adjusted points to 103
ASKER
Mandyf,
absolutely spot on, just what I needed, Thanks very much
absolutely spot on, just what I needed, Thanks very much
<% If password = request.form("psw") then
response.redirect "game.htm"
end if
%>