Solved

different logins lead to different pages - one more problem...

Posted on 2001-08-06
8
195 Views
Last Modified: 2013-12-25
A while ago I have posted this question and had brilliant help from Bob. I have finished up the site and am testing it out.
Now I have discovered that whatever password I type in I get to the page. Seems that we have missed something here :-)
Ok, here is the "material":

This is the "sample login" (basically the same as on the site, just without all the other content around):
http://www.integritysales.com/login_example.html

This is the cgi-script:

#!/usr/local/bin/perl
use CGI ':standard';
if(!param())
{
print header, start_html,
start_form,
textfield(-name=>'username'),br(),
textfield(-name=>'password'), submit(-name=>'sb', -value=>'logon'),
end_form;
}
elsif(param('username') and param('password'))
{
$unpw=param('username') . '|' . param('password');
open PWFILE, "nav.dat";
while(<PWFILE>){
if($unpw=~/$_/)
{
chomp($page=${[split(/\|/,$_)]}[2]);
print "Location: $page\n\n";
close PWFILE;
exit;
}
}
print header, start_html;
print "sorry, we couldn't find that username and password";
close PWFILE;
exit;
}
else
{
print header, start_html,h1('sorry, you need to enter a username and password');
}

And this is the nav.dat file:

cow|milk|http://www.integritysales.com
cat|mouse|http://www.cea.edu
horse|cowboy|http://www.dkmediadesign.com
bird|song|http://www.danazed.com
turtle|island|http://www.tuschmanphoto.com

I am wondering what we are missing here?

Thanks a lot for your help!

Doris
0
Comment
Question by:dkyburz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 2

Expert Comment

by:Schells_Web_Design
ID: 6358073
I got this message trying to access your sample page in your question:

The requested URL /integritysales.css was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
0
 

Author Comment

by:dkyburz
ID: 6358284
Hi Shells Web Design,

Thank you for pointing this out. I have added the style sheet (again). [sometimes I'm just cleaning up a bit too much ;-, and I was not aware of this one because it showed fine here]

Your note about the 404 error is a bit a miracle to me because I haven't had that problem before with this.

I hope you can have a least a look at it now :-)

Thanks,

Doris
0
 
LVL 2

Accepted Solution

by:
coreyit earned 200 total points
ID: 6358871
in the line,

$unpw=param('username') . '|' . param('password');

the single pipe, "|", acts as "or" when looking for the match. You'll notice that you can also enter any false username and a valid password and be directed based ont the password's value. And for more fun, try combos that add garbage to the values and reverse them (put pass in user and user in pass).

Now, I'm not very experienced with Perl, so I'm sure there are better ways than what I came up with. The essence of what I did was to try to more clearly define the start and finish of the username and password values in the strings in both the script and .dat file. I did so by using ":::" as the delimiter and checking to be sure that the match happens at the start of the string (so you can't do user: mycow and pass: milk). Once I did that, the only other thing to change was to have the split grab everything after the first pipe, because there's only one in the string now. I don't know if I'm making sense... it's late!

here's the code:

----------
cgi
----------
#!/usr/local/bin/perl
use CGI ':standard';
if(!param())
{
print header, start_html,
start_form,
textfield(-name=>'username'),br(),
textfield(-name=>'password'), submit(-name=>'sb', -value=>'logon'),
end_form;
}
elsif(param('username') and param('password'))
{
$unpw=param('username') . ':::' . param('password') . ':::';
open PWFILE, "nav.dat";
while(<PWFILE>){
if($unpw=~/^$_/)
{
chomp($page=${[split(/\|/,$_)]}[1]);
print "Location: $page\n\n";
close PWFILE;
exit;
}
}
print header, start_html;
print "sorry, we couldn't find that username and password";
close PWFILE;
exit;
}
else
{
print header, start_html,h1('sorry, you need to enter a username and password');
}
----------

----------
nav.dat
----------
cow:::milk:::|http://www.integritysales.com
cat:::mouse:::|http://www.cea.edu
horse:::cowboy:::|http://www.dkmediadesign.com
bird:::song:::|http://www.danazed.com
turtle:::|island:::|http://www.tuschmanphoto.com
----------

cheers and goodnight!

-corey
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 
LVL 2

Expert Comment

by:coreyit
ID: 6358875
doh!

forgot to get rid of the pipe in the last one!

turtle:::|island:::|http://www.tuschmanphoto.com

should be

turtle:::island:::|http://www.tuschmanphoto.com


zzzzzzzzzzzzzzzzzzzzzzzz!
0
 

Author Comment

by:dkyburz
ID: 6361913
Hello coreyit :-)

You must have had a splendid sleep... since you just helped me to fix this little big problem :-)

It did not work at the beginning, but then I did put the long "sentence" close to the top of the script on one line (somehow I remembered that this was once a point where I got stuck), and voila and tataaaa, it worked. Let me do some "endurance tests" tomorrow and then I will accept your answer as THE ONE.

Thanks a lot for your great help!

Doris


0
 
LVL 2

Expert Comment

by:coreyit
ID: 6362486
Glad it worked out. Good luck with everything, and thanks... I might make use of that Perl at some point too :)

-corey
0
 

Author Comment

by:dkyburz
ID: 6362711
Hi Corey! It passed the "endurance test" ;-)
Thanks again for your help! I'm a big step closer to wrapping up a very tiresome project...

Doris
0
 
LVL 2

Expert Comment

by:coreyit
ID: 6362823
Hi Doris,

I'm glad I could contribute. Good luck with your project, I definitely know the feeling.

-corey
0

Featured Post

Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently I have been answering a lot of questions like this in IT forums that I frequent. The question posed is usually something along the lines of "We have software X installed and need to uninstall it for reason Y" or some other variant of the sa…
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
The viewer will learn how to dynamically set the form action using jQuery.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question