Solved

how do i include a query string when running do("scriptname.cgi"); from a perl script

Posted on 2004-08-26
5
189 Views
Last Modified: 2013-12-25
I have a site which requires a login.  (mydomain.com)
 
suppose I send someone the following url in an email.  

(mydomain.com/bla.cgi?filename=bla&token=blabla)

if the user clicks the link, without a login cookie, they are directed to the login screen.  (mydomain.com/index.cgi)

Upon a successfull login, I want to redirect the user to the page of the original url (ie: mydomain.com/bla.cgi?filename=bla&token=blabla)

I was thinking the easiest way would be something like this:

bla.cgi
------------------------------------------
my $logged_in = cookie('login');

####
#this code is wronge, but it illustrates what i am trying to do
####
do ("log_in.cgi?return_pos='bla.cgi\?filename=bla\&token=blabla'") unless ($logged_in);

#bla.cgi continues. . .
------------------------------------------


passcheck.cgi
------------------------------------------
#successfull login takes place, cookie set, etc. . .

$form = new CGI;
my $RETURN_POS = $form->param('return_pos');

do("$RETURN_POS);
------------------------------------------

the problem is I don't think you can put the query string in the do('scriptname.cgi'); unless I am just doing it wrong.  Anyone know how to make this work or have other suggestions?

thanks!



0
Comment
Question by:sidikiisajawa
  • 2
  • 2
5 Comments
 
LVL 3

Expert Comment

by:rkosai
ID: 11917700
How about sending Location headers to the client?

my $loc = 'mydomain.com/bla.cgi?filename=bla&token=blabla';
if (!$logged_in) {
  print "Location: mydomain.com/index.cgi\n\n";
} else {
  print "Location: $loc\n\n";
}
0
 

Author Comment

by:sidikiisajawa
ID: 11926592
Thanks for your comment rkosai, but the meta-refresh is not the answer i am looking for.  

I tried this anyway, and it did not work.   Does it work for you?
0
 
LVL 3

Accepted Solution

by:
rkosai earned 250 total points
ID: 11927235
This is not meta-refresh.  Its a CGI header that causes a server redirect.  Make sure you're not sending any other CGI headers (such as content-type) before it.

You may also want to try giving a full URL for the location.  (including the "http://")
0
 
LVL 5

Expert Comment

by:ddunlea
ID: 11929279
I'd be inclined to use param() to retrieve the GET parameters from the address bar, then embed them as hidden form elements in your login page, such that when post-processing the login page, you can redirect them using the same parameters that were originally passed in.
0
 

Author Comment

by:sidikiisajawa
ID: 11938197
rkosai,   you are right, thanks!

Here is what i ended up doing:

bla.cgi:
-----------------------------------------------------------
#!/usr/bin/perl

#some other code
#. . .
#end some other code

my $url = "bla.cgi";
$url .= "?"."$ENV{QUERY_STRING}";
$url .= '&logjump=1';
$url = CGI::escape($url); #escape special characters

##
#make sure they log in
##

my $loggedin = cookie('pialogin');

#withoug this, we would get stuck in a neverending loop waiting for the cookie to be set
my $LOGJUMP = $form->param('logjump');

unless ($LOGJUMP){
    unless ($loggedin > 1){
        print "Location: index.cgi?from_url=$url\n\n";
        exit;
    }
}
#functionality of bla.cgi follows
#. . .
#end bla.cgi
-----------------------------------------------------------

loginscreen.cgi:
-----------------------------------------------------------
#!/usr/bin/perl

#some other code follows:
#. . .
#end some other code

my $FROM_URL = $form->param('from_url');

print qq{<h3>Login</h3>
Sign in:<br />
<form method="post" action="authenticate.cgi">
<table>
<tr><td>Username: </td><td><input type="text" name="user"></td></tr>
<tr><td>Password: </td><td><input type="password" name="passwd"></td></tr>
</table>
<input type="hidden" name="from_url" value="$FROM_URL">
<input type="submit" class="buttonblue" value="Login">
</form>
};

-----------------------------------------------------------


authenticate.cgi:
-----------------------------------------------------------
#!/usr/bin/perl

#some other code follows:
#. . .
#end some other code

my $USER = $form->param("user"); #username entered
my $PASSWD = $form->param("passwd"); #password entered
my $result; #result code of authenticate()

my $FROM_URL = $form->param('from_url');

$result = authenticate("$USER","$PASSWD"); #returns '0' for a sucessfull login
unless ($result){
    print "Set-cookie: login=1\n\n";
    print "Set-cookie: user=$USER\n\n";
    print "Location: $FROM_URL"
}

#the rest of the code follows:
#if $result is not zero, login error, etc, etc. . .
#


-----------------------------------------------------------
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

In this tutorial I will focus on how to use WhizBase as a tool for sending ICQ messages to ICQ. Here I will use a new technology in WhizBase, published in WhizBase 5.1 version. In this tutorial I will use 3 files, pager.wbsp for the processing, e…
Making a simple AJAX shopping cart Couple years ago I made my first shopping cart, I used iframe and JavaScript, it was very good at that time, there were no sessions or AJAX, I used cookies on clients machine. Today we have more advanced techno…
Learn the basics of modules and packages in Python. Every Python file is a module, ending in the suffix: .py: Modules are a collection of functions and variables.: Packages are a collection of modules.: Module functions and variables are accessed us…
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now