Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

icheck.pl doesn't work with numbers

Posted on 2002-07-17
4
132 Views
Last Modified: 2010-03-05
Hello.  I'm using a very "simple" old script called icheck.pl.  See file below.

This script is for "pretty-good" security.  

The script creator is long gone so I can't get help there.

This script works with a form and a text file with a list of usernames (see below).  The user submits their username using the form.  If the username is in a flat text file - dataDealer.txt, the user is admitted to the protected area.

Everything is working great except I can't us any **numbers** in the dataDealer.txt file.  

I've had this script working on a different server using numbers in the username field.

*********Here is the dataDealer.txt file************
11AGRO
solution
Solutions
Solution
SOLUTION
SOLUTIONS
*********Here is the Perl File***********************
#!/usr/bin/perl

# ICheck v.1.0 written by Dave Palmer <dave@upstatepress.com>
# http://upstatepress.com/dave/perl.shtml
###############################################################
# ICheck allows you to "protect" a directory, without editing
# your .htaccess file. Of course this isn't as secure as editing
# your .htaccess file, but for those who don't want just want
# a bit of security, or just want people to register themselves
# before gaining access to a site, this is the script for that
# job! You can also choose to leave out the "register as a new
# user" on the form if you do not want to allow just anyone to
# register. Its up to you!!
###############################################################

# Location of your data.txt file. This file stores your registered
# users. This should be chmod to 777 Same with the directory: icheck
$datafile = "/home/aprillou/public_html/icheckDataAll/data.txt";

# Once the user is registered, this is the location of the "secured"
# site.
$location = "http://www.netafim-usa-greenhouse.com/Greenhouse/download_area_greenhouse.html";

################################################################

read(STDIN, $input, $ENV{'CONTENT_LENGTH'});

     @pairs = split(/&/, $input);
     foreach $pair (@pairs) {
     ($name, $value) = split(/=/, $pair);
     
     $name =~ tr/+/ /;
     $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
     $value =~ tr/+/ /;
     $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

   $FORM{$name} = $value;
          }
$usrname = $FORM{'usrname'};
$email = $FORM{'email'};
$action = $FORM{'action'};

if($action eq "register") {
     &register;
          }

     else {
       &admit;
              }

sub admit {
open(FILE, "$datafile") || die "I can't\n";    

     while(<FILE>) {
     chop;          
     @all = split(/\n/);

     foreach $line (@all) {
     ($loginname, $loginemail) = split(/&&/, $line);

     if($loginname eq "$usrname" && $loginemail eq "$email") {
          $match = 1;
          &relocate;
                  }
          }
     
      }
     
close(FILE);

          if (! $match) {
          &error;
                  }

     }

sub register {
open(FILE, ">>$datafile") || die "Nope\n";
print FILE "$usrname&&$email\n";
close(FILE);

print "Content-type: text/html\n\n";
print "<html><head><title>Thanks! $usrname!</title></head>\n";
print "<body>\n";
print "<p><h1>Thanks $usrname</p></h1>\n";
print "You have been registered. You may now go back and enter <b>$usrname\n";
print "</b> and <b>$email</b> to gain access to this site\n";
print "</body></html>\n";
     }

sub relocate {
print "Location: $location\n\n";
     }

sub error {
print "Content-type: text/html\n\n";
print "<html><head><title>Error</title></head>\n";
print "<body>\n";
print "<p><h1>Error</p></h1>\n";
print "You do not have access to this site\n";
print "</body></html>\n";
exit;
          }


I'll award more points than 200 if we can get this solved.

April
0
Comment
Question by:aprillougheed
  • 2
  • 2
4 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 200 total points
ID: 7160564
the posted dataDealer.txt does not contain any user which is matched with the posted script.
The lines must look like:

   user&&mail

somehow ...
0
 

Author Comment

by:aprillougheed
ID: 7160809
Actually, the above comment had nothing to do with why the script wasn't working.  I just had the wrong url to the data text file.

But I awarded the points for your time.

April
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7160823
exactly what I assumed/said ;-)
0
 

Author Comment

by:aprillougheed
ID: 7160846
Oh - sorry I see what you mean now.  :)
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've just discovered very important differences between Windows an Unix formats in Perl,at least 5.xx.. MOST IMPORTANT: Use Unix file format while saving Your script. otherwise it will have ^M s or smth likely weird in the EOL, Then DO NOT use m…
Email validation in proper way is  very important validation required in any web pages. This code is self explainable except that Regular Expression which I used for pattern matching. I originally published as a thread on my website : http://www…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question