?
Solved

icheck.pl doesn't work with numbers

Posted on 2002-07-17
4
Medium Priority
?
137 Views
Last Modified: 2010-03-05
Hello.  I'm using a very "simple" old script called icheck.pl.  See file below.

This script is for "pretty-good" security.  

The script creator is long gone so I can't get help there.

This script works with a form and a text file with a list of usernames (see below).  The user submits their username using the form.  If the username is in a flat text file - dataDealer.txt, the user is admitted to the protected area.

Everything is working great except I can't us any **numbers** in the dataDealer.txt file.  

I've had this script working on a different server using numbers in the username field.

*********Here is the dataDealer.txt file************
11AGRO
solution
Solutions
Solution
SOLUTION
SOLUTIONS
*********Here is the Perl File***********************
#!/usr/bin/perl

# ICheck v.1.0 written by Dave Palmer <dave@upstatepress.com>
# http://upstatepress.com/dave/perl.shtml
###############################################################
# ICheck allows you to "protect" a directory, without editing
# your .htaccess file. Of course this isn't as secure as editing
# your .htaccess file, but for those who don't want just want
# a bit of security, or just want people to register themselves
# before gaining access to a site, this is the script for that
# job! You can also choose to leave out the "register as a new
# user" on the form if you do not want to allow just anyone to
# register. Its up to you!!
###############################################################

# Location of your data.txt file. This file stores your registered
# users. This should be chmod to 777 Same with the directory: icheck
$datafile = "/home/aprillou/public_html/icheckDataAll/data.txt";

# Once the user is registered, this is the location of the "secured"
# site.
$location = "http://www.netafim-usa-greenhouse.com/Greenhouse/download_area_greenhouse.html";

################################################################

read(STDIN, $input, $ENV{'CONTENT_LENGTH'});

     @pairs = split(/&/, $input);
     foreach $pair (@pairs) {
     ($name, $value) = split(/=/, $pair);
     
     $name =~ tr/+/ /;
     $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
     $value =~ tr/+/ /;
     $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

   $FORM{$name} = $value;
          }
$usrname = $FORM{'usrname'};
$email = $FORM{'email'};
$action = $FORM{'action'};

if($action eq "register") {
     &register;
          }

     else {
       &admit;
              }

sub admit {
open(FILE, "$datafile") || die "I can't\n";    

     while(<FILE>) {
     chop;          
     @all = split(/\n/);

     foreach $line (@all) {
     ($loginname, $loginemail) = split(/&&/, $line);

     if($loginname eq "$usrname" && $loginemail eq "$email") {
          $match = 1;
          &relocate;
                  }
          }
     
      }
     
close(FILE);

          if (! $match) {
          &error;
                  }

     }

sub register {
open(FILE, ">>$datafile") || die "Nope\n";
print FILE "$usrname&&$email\n";
close(FILE);

print "Content-type: text/html\n\n";
print "<html><head><title>Thanks! $usrname!</title></head>\n";
print "<body>\n";
print "<p><h1>Thanks $usrname</p></h1>\n";
print "You have been registered. You may now go back and enter <b>$usrname\n";
print "</b> and <b>$email</b> to gain access to this site\n";
print "</body></html>\n";
     }

sub relocate {
print "Location: $location\n\n";
     }

sub error {
print "Content-type: text/html\n\n";
print "<html><head><title>Error</title></head>\n";
print "<body>\n";
print "<p><h1>Error</p></h1>\n";
print "You do not have access to this site\n";
print "</body></html>\n";
exit;
          }


I'll award more points than 200 if we can get this solved.

April
0
Comment
Question by:aprillougheed
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 400 total points
ID: 7160564
the posted dataDealer.txt does not contain any user which is matched with the posted script.
The lines must look like:

   user&&mail

somehow ...
0
 

Author Comment

by:aprillougheed
ID: 7160809
Actually, the above comment had nothing to do with why the script wasn't working.  I just had the wrong url to the data text file.

But I awarded the points for your time.

April
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7160823
exactly what I assumed/said ;-)
0
 

Author Comment

by:aprillougheed
ID: 7160846
Oh - sorry I see what you mean now.  :)
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
In the distant past (last year) I hacked together a little toy that would allow a couple of Manager types to query, preview, and extract data from a number of MongoDB instances, to their tool of choice: Excel (http://dilbert.com/strips/comic/2007-08…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question