Solved

Giving users username & password

Posted on 2000-05-10
7
262 Views
Last Modified: 2010-03-05
I am trying to give users who enter the site a username & corresponding password.

I can put the username & password into an associative array like this:

%username = ("ABC",101,
             "DEF",102,
             "GHI",103);

Alternatively is it better to put them seperatley into an array as follows:

@username=("ABC","DEF","GHI");
@password=("101","102","103");

I am trying to generate a different password and a different username to be given to the user whenever the site is visited.

I thought that this may involve a loop of some sort.

when the value os given to the user then the value is incremented some how.

I know how to return values from the arrays above by using $username{ABC} for the associative array and $password[0] for the array's.

If anyone has any ideas as to the above or any alternatives that may be easier please let me know.

thank you

Anne.




0
Comment
Question by:annesmith
  • 4
  • 3
7 Comments
 
LVL 16

Expert Comment

by:maneshr
ID: 2797314
here is what i understand from your requirement above...

you want to generate a different password and a different username to users visiting your site.

if that is indeed the case i have a couple of Q's

* would you give a user a username and password from a pre-defined set of usernames and passwords??

Eg . you have 1000 usernames and passwords already created and stored somewhere and you just give them out one-by-one to every user visiting your site (kind of like a token).

* why cant you generate a username/password for the user once and let the user use it to log on to your system?? that way you dont have to worry about having to generate a new username/password fora user who is re-visiting your site.

let me know.
0
 

Author Comment

by:annesmith
ID: 2801645
yes I am wanting to give the users a password and username as they enter the sytem as you said above like a token.

However the other way seems a little more complicated.  If it is this does not matter as long as I can find a way to give out usernames and passwords randomly to users.  i.e from an associative array.

Any of the ways above you have mentioned would work fine.  it depends I suppose upon yourself a simple way would be fine for me such as the token you mentioned above as I could then save this users password and username to a file.

Thanks.

Anne.
0
 
LVL 16

Expert Comment

by:maneshr
ID: 2801664
i personally prefer going for the 2nd method. create username/password once and validate every time after that.

pl. let me know if this is fine with you and i will write a small piece of code that will do the same.

Rgds
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 

Author Comment

by:annesmith
ID: 2806596
Thanks for your reply Maneshr.
Yes that is fine going with your 2nd method.  

It is actualy probably the better of the two.

I just thought it may be a bit tricker but hey after all your the expert.

thanks again.

Anne.
0
 
LVL 16

Accepted Solution

by:
maneshr earned 60 total points
ID: 2811662
i have written 2 script viz. passwd.pl for creating the username and password the first time/for a new user.

the second script - login.pl - would validate if the user has used the proper username and password & if so would show a welcome message to the user.

the password are all encrypted, so even you cant see the actual password. Also the info is stored in a file in the /tmp directory called my_passwd

These scripts are very good and usable starting points for you to build on.

i have peppered the code with a lot of comments so that you can find it easy to read, understand and if need be modify the code too!!

==========passwd.pl
!/usr/local/bin/perl

use CGI;

$query=new CGI;

print "Content-type: text/html\n\n";

if ($query->param){ ##  User clicked on the submit button.
  $pwd_file="/tmp/my_passwd";

  ##  Read the username and password from the HTML form
  $username=$query->param('u_name');
  $newuser=$query->param('pass');

  ##  Some basic validations!!
  if ($username=~ /^$/ || $username=~ /^\s+$/){ ##  Reject Empty username
    print "Username cant be blank!!<P>\n";
  }else{
    if ($username=~ /^$/ || $username=~ /^\s+$/){ ##  Reject Empty password
      print "Password cant be blank!!<P>\n";
    }else{

      if (-e $pwd_file){  ##  Open the password file, if it already exist!!
        ##  Check if the username has already been taken
        open(PWD,$pwd_file) || die $!;
        @pwds=<PWD>;
       close(PWD);
      }

      ##  Store the existing username/passwords in a hash/associative
      ##  Array. the username is the key to the array.
      foreach(@pwds){
        ($uname,$pwd)=split(/\t/,$_);
        chomp($pwd);  ##  Remove the enter char.
        $PASSWD{$uname}=$pwd;
      }

      if ($PASSWD{$username}){  ##  Username already taken!!
        print "Please use some other username<P>\n";
      }else{  ##  ALL is OK!!
        ##  Use the Process id & time to generate the salt.
        srand($$|time);                                 # random seed
        @saltchars=(a..z,A..Z,0..9,'.','/');            # valid salt chars
        $salt=$saltchars[int(rand($#saltchars+1))];     # first random salt cha
r
        $salt.=$saltchars[int(rand($#saltchars+1))];    # second random salt ch
ar
        ##  Encrypt the password
        $newuser = crypt ($newuser, $salt);

        $PASSWD{$username}=$newuser;
        ##  Write this new username/password to the file
        open(PASS,">$pwd_file") || die $!;
        foreach(keys %PASSWD){
          print PASS $_."\t".$PASSWD{$_},"\n";
        }
        close(PASS);

        print "<B>Welcome, Your account is now ready!!</B><P>\n";
        exit;
      }
    }
  }
}

print qq{
  <form method=POST action="$ENV{SCRIPT_NAME}">
  <b>Enter username </B><input type=text name=u_name><BR>
  <b>Enter password </B><input type=password name=pass><P>
  <INPUT TYPE=submit>
  </form>
};

=================login.pl
#!/usr/local/bin/perl

use CGI;

$query=new CGI;

print "Content-type: text/html\n\n";

if ($query->param){ ##  User clicked on the submit button.
  $pwd_file="/tmp/my_passwd";

  ##  Read the username and password from the HTML form
  $username=$query->param('u_name');
  $newuser=$query->param('pass');

  ##  Some basic validations!!
  if ($username=~ /^$/ || $username=~ /^\s+$/){ ##  Reject Empty username
    print "Username cant be blank!!<P>\n";
  }else{
    if ($newuser=~ /^$/ || $newuser=~ /^\s+$/){ ##  Reject Empty password
      print "Password cant be blank!!<P>\n";
    }else{

      if (-e $pwd_file){  ##  Open the password file, if it already exist!!
        ##  Check if the username has already been taken
        open(PWD,$pwd_file) || die $!;
        @pwds=<PWD>;
        close(PWD);
      }

      ##  Store the existing username/passwords in a hash/associative
      ##  Array. the username is the key to the array.
      foreach(@pwds){
        ($uname,$pwd)=split(/\t/,$_);
        chomp($pwd);  ##  Remove the enter char.
        $PASSWD{$uname}=$pwd;
      }

      if ($PASSWD{$username}){  ##  Username exists in our file!!
        ##  Extract the salt from the original password!!
        $salt=substr($PASSWD{$username},0,2);

        if ( crypt($newuser,$salt) eq $PASSWD{$username}){    ##  Valid user!!
          print "<B>Welcome $username, You have logged in successfully!!</B><P>
\n";
          exit;
        }else{
          print "Invalid password\n";
        }
      }else{  ##  Invalid Username
        print "Please use a valid username<P>\n";
      }
    }
  }
}

print qq{
  <form method=POST action="$ENV{SCRIPT_NAME}">
  <b>Enter username </B><input type=text name=u_name><BR>
  <b>Enter password </B><input type=password name=pass><P>
  <INPUT TYPE=submit name=Login>
  </form>
};
===========================================
0
 

Author Comment

by:annesmith
ID: 2818956
Thanks very much for your Help.

The program is working perfectly thanks to your expert help.

thanks you.

Anne.
0
 
LVL 16

Expert Comment

by:maneshr
ID: 2819011
Glad to know that your problem was solved.

most welcome :-)


Rgds
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Perl, group, sort, count question 6 141
PERL variable conundrum 9 94
Regular Expression for URL 10 102
Perl Snippet to Parse String 1 22
Email validation in proper way is  very important validation required in any web pages. This code is self explainable except that Regular Expression which I used for pattern matching. I originally published as a thread on my website : http://www…
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question