Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

different logins lead to different pages - one more problem...

Posted on 2001-08-06
8
Medium Priority
?
199 Views
Last Modified: 2013-12-25
A while ago I have posted this question and had brilliant help from Bob. I have finished up the site and am testing it out.
Now I have discovered that whatever password I type in I get to the page. Seems that we have missed something here :-)
Ok, here is the "material":

This is the "sample login" (basically the same as on the site, just without all the other content around):
http://www.integritysales.com/login_example.html

This is the cgi-script:

#!/usr/local/bin/perl
use CGI ':standard';
if(!param())
{
print header, start_html,
start_form,
textfield(-name=>'username'),br(),
textfield(-name=>'password'), submit(-name=>'sb', -value=>'logon'),
end_form;
}
elsif(param('username') and param('password'))
{
$unpw=param('username') . '|' . param('password');
open PWFILE, "nav.dat";
while(<PWFILE>){
if($unpw=~/$_/)
{
chomp($page=${[split(/\|/,$_)]}[2]);
print "Location: $page\n\n";
close PWFILE;
exit;
}
}
print header, start_html;
print "sorry, we couldn't find that username and password";
close PWFILE;
exit;
}
else
{
print header, start_html,h1('sorry, you need to enter a username and password');
}

And this is the nav.dat file:

cow|milk|http://www.integritysales.com
cat|mouse|http://www.cea.edu
horse|cowboy|http://www.dkmediadesign.com
bird|song|http://www.danazed.com
turtle|island|http://www.tuschmanphoto.com

I am wondering what we are missing here?

Thanks a lot for your help!

Doris
0
Comment
Question by:dkyburz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 2

Expert Comment

by:Schells_Web_Design
ID: 6358073
I got this message trying to access your sample page in your question:

The requested URL /integritysales.css was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
0
 

Author Comment

by:dkyburz
ID: 6358284
Hi Shells Web Design,

Thank you for pointing this out. I have added the style sheet (again). [sometimes I'm just cleaning up a bit too much ;-, and I was not aware of this one because it showed fine here]

Your note about the 404 error is a bit a miracle to me because I haven't had that problem before with this.

I hope you can have a least a look at it now :-)

Thanks,

Doris
0
 
LVL 2

Accepted Solution

by:
coreyit earned 800 total points
ID: 6358871
in the line,

$unpw=param('username') . '|' . param('password');

the single pipe, "|", acts as "or" when looking for the match. You'll notice that you can also enter any false username and a valid password and be directed based ont the password's value. And for more fun, try combos that add garbage to the values and reverse them (put pass in user and user in pass).

Now, I'm not very experienced with Perl, so I'm sure there are better ways than what I came up with. The essence of what I did was to try to more clearly define the start and finish of the username and password values in the strings in both the script and .dat file. I did so by using ":::" as the delimiter and checking to be sure that the match happens at the start of the string (so you can't do user: mycow and pass: milk). Once I did that, the only other thing to change was to have the split grab everything after the first pipe, because there's only one in the string now. I don't know if I'm making sense... it's late!

here's the code:

----------
cgi
----------
#!/usr/local/bin/perl
use CGI ':standard';
if(!param())
{
print header, start_html,
start_form,
textfield(-name=>'username'),br(),
textfield(-name=>'password'), submit(-name=>'sb', -value=>'logon'),
end_form;
}
elsif(param('username') and param('password'))
{
$unpw=param('username') . ':::' . param('password') . ':::';
open PWFILE, "nav.dat";
while(<PWFILE>){
if($unpw=~/^$_/)
{
chomp($page=${[split(/\|/,$_)]}[1]);
print "Location: $page\n\n";
close PWFILE;
exit;
}
}
print header, start_html;
print "sorry, we couldn't find that username and password";
close PWFILE;
exit;
}
else
{
print header, start_html,h1('sorry, you need to enter a username and password');
}
----------

----------
nav.dat
----------
cow:::milk:::|http://www.integritysales.com
cat:::mouse:::|http://www.cea.edu
horse:::cowboy:::|http://www.dkmediadesign.com
bird:::song:::|http://www.danazed.com
turtle:::|island:::|http://www.tuschmanphoto.com
----------

cheers and goodnight!

-corey
0
TCP/IP Network Protocol Cheat Sheet

TCP/IP is a set of network protocols which is best known for connecting the machines that make up the Internet. The truth is that TCP/IP is one of the oldest network protocols and its survival is mainly based on its simplicity and universality.

 
LVL 2

Expert Comment

by:coreyit
ID: 6358875
doh!

forgot to get rid of the pipe in the last one!

turtle:::|island:::|http://www.tuschmanphoto.com

should be

turtle:::island:::|http://www.tuschmanphoto.com


zzzzzzzzzzzzzzzzzzzzzzzz!
0
 

Author Comment

by:dkyburz
ID: 6361913
Hello coreyit :-)

You must have had a splendid sleep... since you just helped me to fix this little big problem :-)

It did not work at the beginning, but then I did put the long "sentence" close to the top of the script on one line (somehow I remembered that this was once a point where I got stuck), and voila and tataaaa, it worked. Let me do some "endurance tests" tomorrow and then I will accept your answer as THE ONE.

Thanks a lot for your great help!

Doris


0
 
LVL 2

Expert Comment

by:coreyit
ID: 6362486
Glad it worked out. Good luck with everything, and thanks... I might make use of that Perl at some point too :)

-corey
0
 

Author Comment

by:dkyburz
ID: 6362711
Hi Corey! It passed the "endurance test" ;-)
Thanks again for your help! I'm a big step closer to wrapping up a very tiresome project...

Doris
0
 
LVL 2

Expert Comment

by:coreyit
ID: 6362823
Hi Doris,

I'm glad I could contribute. Good luck with your project, I definitely know the feeling.

-corey
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you how to make a simple HTML bar chart with the usage of WhizBase, If you want more information about WhizBase please read my previous articles at http://www.experts-exchange.com/ARTH_5123186.html (http://www.experts-ex…
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question