Solved

different logins lead to different pages - one more problem...

Posted on 2001-08-06
8
186 Views
Last Modified: 2013-12-25
A while ago I have posted this question and had brilliant help from Bob. I have finished up the site and am testing it out.
Now I have discovered that whatever password I type in I get to the page. Seems that we have missed something here :-)
Ok, here is the "material":

This is the "sample login" (basically the same as on the site, just without all the other content around):
http://www.integritysales.com/login_example.html

This is the cgi-script:

#!/usr/local/bin/perl
use CGI ':standard';
if(!param())
{
print header, start_html,
start_form,
textfield(-name=>'username'),br(),
textfield(-name=>'password'), submit(-name=>'sb', -value=>'logon'),
end_form;
}
elsif(param('username') and param('password'))
{
$unpw=param('username') . '|' . param('password');
open PWFILE, "nav.dat";
while(<PWFILE>){
if($unpw=~/$_/)
{
chomp($page=${[split(/\|/,$_)]}[2]);
print "Location: $page\n\n";
close PWFILE;
exit;
}
}
print header, start_html;
print "sorry, we couldn't find that username and password";
close PWFILE;
exit;
}
else
{
print header, start_html,h1('sorry, you need to enter a username and password');
}

And this is the nav.dat file:

cow|milk|http://www.integritysales.com
cat|mouse|http://www.cea.edu
horse|cowboy|http://www.dkmediadesign.com
bird|song|http://www.danazed.com
turtle|island|http://www.tuschmanphoto.com

I am wondering what we are missing here?

Thanks a lot for your help!

Doris
0
Comment
Question by:dkyburz
  • 4
  • 3
8 Comments
 
LVL 2

Expert Comment

by:Schells_Web_Design
ID: 6358073
I got this message trying to access your sample page in your question:

The requested URL /integritysales.css was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
0
 

Author Comment

by:dkyburz
ID: 6358284
Hi Shells Web Design,

Thank you for pointing this out. I have added the style sheet (again). [sometimes I'm just cleaning up a bit too much ;-, and I was not aware of this one because it showed fine here]

Your note about the 404 error is a bit a miracle to me because I haven't had that problem before with this.

I hope you can have a least a look at it now :-)

Thanks,

Doris
0
 
LVL 2

Accepted Solution

by:
coreyit earned 200 total points
ID: 6358871
in the line,

$unpw=param('username') . '|' . param('password');

the single pipe, "|", acts as "or" when looking for the match. You'll notice that you can also enter any false username and a valid password and be directed based ont the password's value. And for more fun, try combos that add garbage to the values and reverse them (put pass in user and user in pass).

Now, I'm not very experienced with Perl, so I'm sure there are better ways than what I came up with. The essence of what I did was to try to more clearly define the start and finish of the username and password values in the strings in both the script and .dat file. I did so by using ":::" as the delimiter and checking to be sure that the match happens at the start of the string (so you can't do user: mycow and pass: milk). Once I did that, the only other thing to change was to have the split grab everything after the first pipe, because there's only one in the string now. I don't know if I'm making sense... it's late!

here's the code:

----------
cgi
----------
#!/usr/local/bin/perl
use CGI ':standard';
if(!param())
{
print header, start_html,
start_form,
textfield(-name=>'username'),br(),
textfield(-name=>'password'), submit(-name=>'sb', -value=>'logon'),
end_form;
}
elsif(param('username') and param('password'))
{
$unpw=param('username') . ':::' . param('password') . ':::';
open PWFILE, "nav.dat";
while(<PWFILE>){
if($unpw=~/^$_/)
{
chomp($page=${[split(/\|/,$_)]}[1]);
print "Location: $page\n\n";
close PWFILE;
exit;
}
}
print header, start_html;
print "sorry, we couldn't find that username and password";
close PWFILE;
exit;
}
else
{
print header, start_html,h1('sorry, you need to enter a username and password');
}
----------

----------
nav.dat
----------
cow:::milk:::|http://www.integritysales.com
cat:::mouse:::|http://www.cea.edu
horse:::cowboy:::|http://www.dkmediadesign.com
bird:::song:::|http://www.danazed.com
turtle:::|island:::|http://www.tuschmanphoto.com
----------

cheers and goodnight!

-corey
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 2

Expert Comment

by:coreyit
ID: 6358875
doh!

forgot to get rid of the pipe in the last one!

turtle:::|island:::|http://www.tuschmanphoto.com

should be

turtle:::island:::|http://www.tuschmanphoto.com


zzzzzzzzzzzzzzzzzzzzzzzz!
0
 

Author Comment

by:dkyburz
ID: 6361913
Hello coreyit :-)

You must have had a splendid sleep... since you just helped me to fix this little big problem :-)

It did not work at the beginning, but then I did put the long "sentence" close to the top of the script on one line (somehow I remembered that this was once a point where I got stuck), and voila and tataaaa, it worked. Let me do some "endurance tests" tomorrow and then I will accept your answer as THE ONE.

Thanks a lot for your great help!

Doris


0
 
LVL 2

Expert Comment

by:coreyit
ID: 6362486
Glad it worked out. Good luck with everything, and thanks... I might make use of that Perl at some point too :)

-corey
0
 

Author Comment

by:dkyburz
ID: 6362711
Hi Corey! It passed the "endurance test" ;-)
Thanks again for your help! I'm a big step closer to wrapping up a very tiresome project...

Doris
0
 
LVL 2

Expert Comment

by:coreyit
ID: 6362823
Hi Doris,

I'm glad I could contribute. Good luck with your project, I definitely know the feeling.

-corey
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction This tutorial will give you a fast look what you can do with WhizBase. I expect you already know how to work with HTML at least, and that you understand the basics of the internet and how the internet works. WhizBase is a server-s…
This tutorial will discuss fancy secure registration forms, with AJAX technology support. In this article I assume you already know HTML and some JS. I will write the code using WhizBase Server Pages, so you need to know some basics in WBSP (you mig…
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question