Solved

user/pass authentication

Posted on 2002-03-29
2
195 Views
Last Modified: 2010-03-05
I'm using Win32:ODBC in conjunction with CGI for ActivePerl in Win2k server.  I need to search an MS database for a username.  If the username is not found, I'm going to display a "username not found" page.  Once the username is found, I need to check the corresponding password, which is in the same row.  (for now I'm not going to worry about encryption of passwords).

Once the username/password pair is verified, I need to set a cookie that will expire when the browser is closed.

I already know how to connect to a database and 'fetchrows' in a table.  I also know how to do CGI.  I tried to code this myself and I can't get it to work efficiently.  With my test script, it keeps 'finding' any username that I search for even though it doesn't exist in the table.  I don't want to include any code here because I think I'm way off.

Could someone provide me with a routine to do what I'm trying to do as far as verifying username/password from a database and then setting a cookie if verified?

Thanks!
0
Comment
Question by:GorGor1
2 Comments
 
LVL 5

Accepted Solution

by:
Sapa earned 100 total points
ID: 6905127
Do you need something like it?

----------------------------------------------
#!/usr/bin/perl -w
use strict;
use CGI;
use CGI::Carp qw(fatalsToBrowser);
use Win32::ODBC;

my $query = new CGI;
my $user = $query->param('user') || '';
my $password = $query->param('password') || '';

# cut all non-alphanumeric symbols from username
$user =~ s/\W//g;

my $db = new Win32::ODBC("DSN=WEBDB;UID=WWW;PWD=sEcReT") or
  die "Error connecting to database: " . Win32::ODBC::Error();

my $sql = "SELECT password FROM authtbl WHERE user='$user'";
if ($db->Sql($sql)) {
    die "Statement error: " . $db->Error;
}

unless ($db->FetchRow) {
    print "<H1>Not registered</H1>\n";
    print "<A HREF=register.cgi>register now</A>\n";
    $db->Close;
    exit;
}

my ($right_password) = $db->Data('password');

if ($password ne $right_password) {
    print "<H1>Authentication failed</H1>";
} else {
    print "<H1>Welcome to our secure site!</H1>";
}

$db->Close;
0
 
LVL 1

Author Comment

by:GorGor1
ID: 6905239
works like a charm....thanks!!
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've just discovered very important differences between Windows an Unix formats in Perl,at least 5.xx.. MOST IMPORTANT: Use Unix file format while saving Your script. otherwise it will have ^M s or smth likely weird in the EOL, Then DO NOT use m…
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question