Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 148
  • Last Modified:

icheck.pl doesn't work with numbers

Hello.  I'm using a very "simple" old script called icheck.pl.  See file below.

This script is for "pretty-good" security.  

The script creator is long gone so I can't get help there.

This script works with a form and a text file with a list of usernames (see below).  The user submits their username using the form.  If the username is in a flat text file - dataDealer.txt, the user is admitted to the protected area.

Everything is working great except I can't us any **numbers** in the dataDealer.txt file.  

I've had this script working on a different server using numbers in the username field.

*********Here is the dataDealer.txt file************
11AGRO
solution
Solutions
Solution
SOLUTION
SOLUTIONS
*********Here is the Perl File***********************
#!/usr/bin/perl

# ICheck v.1.0 written by Dave Palmer <dave@upstatepress.com>
# http://upstatepress.com/dave/perl.shtml
###############################################################
# ICheck allows you to "protect" a directory, without editing
# your .htaccess file. Of course this isn't as secure as editing
# your .htaccess file, but for those who don't want just want
# a bit of security, or just want people to register themselves
# before gaining access to a site, this is the script for that
# job! You can also choose to leave out the "register as a new
# user" on the form if you do not want to allow just anyone to
# register. Its up to you!!
###############################################################

# Location of your data.txt file. This file stores your registered
# users. This should be chmod to 777 Same with the directory: icheck
$datafile = "/home/aprillou/public_html/icheckDataAll/data.txt";

# Once the user is registered, this is the location of the "secured"
# site.
$location = "http://www.netafim-usa-greenhouse.com/Greenhouse/download_area_greenhouse.html";

################################################################

read(STDIN, $input, $ENV{'CONTENT_LENGTH'});

     @pairs = split(/&/, $input);
     foreach $pair (@pairs) {
     ($name, $value) = split(/=/, $pair);
     
     $name =~ tr/+/ /;
     $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
     $value =~ tr/+/ /;
     $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

   $FORM{$name} = $value;
          }
$usrname = $FORM{'usrname'};
$email = $FORM{'email'};
$action = $FORM{'action'};

if($action eq "register") {
     &register;
          }

     else {
       &admit;
              }

sub admit {
open(FILE, "$datafile") || die "I can't\n";    

     while(<FILE>) {
     chop;          
     @all = split(/\n/);

     foreach $line (@all) {
     ($loginname, $loginemail) = split(/&&/, $line);

     if($loginname eq "$usrname" && $loginemail eq "$email") {
          $match = 1;
          &relocate;
                  }
          }
     
      }
     
close(FILE);

          if (! $match) {
          &error;
                  }

     }

sub register {
open(FILE, ">>$datafile") || die "Nope\n";
print FILE "$usrname&&$email\n";
close(FILE);

print "Content-type: text/html\n\n";
print "<html><head><title>Thanks! $usrname!</title></head>\n";
print "<body>\n";
print "<p><h1>Thanks $usrname</p></h1>\n";
print "You have been registered. You may now go back and enter <b>$usrname\n";
print "</b> and <b>$email</b> to gain access to this site\n";
print "</body></html>\n";
     }

sub relocate {
print "Location: $location\n\n";
     }

sub error {
print "Content-type: text/html\n\n";
print "<html><head><title>Error</title></head>\n";
print "<body>\n";
print "<p><h1>Error</p></h1>\n";
print "You do not have access to this site\n";
print "</body></html>\n";
exit;
          }


I'll award more points than 200 if we can get this solved.

April
0
aprillougheed
Asked:
aprillougheed
  • 2
  • 2
1 Solution
 
ahoffmannCommented:
the posted dataDealer.txt does not contain any user which is matched with the posted script.
The lines must look like:

   user&&mail

somehow ...
0
 
aprillougheedAuthor Commented:
Actually, the above comment had nothing to do with why the script wasn't working.  I just had the wrong url to the data text file.

But I awarded the points for your time.

April
0
 
ahoffmannCommented:
exactly what I assumed/said ;-)
0
 
aprillougheedAuthor Commented:
Oh - sorry I see what you mean now.  :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now