[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

user tracking

Posted on 2006-06-04
9
Medium Priority
?
326 Views
Last Modified: 2010-03-04
I’m not sure if this is the right section to post in, but here goes…

I’m setting up a website where I want a user to log-in and at his leisure complete various surveys/experiments (behavioral research).  My goal is to have a one-time registration page that sets up a user account and then allow the user to login with a uid/pwd.  This much I can handle.  

Next I want the user, once logged in, to complete surveys (which I will write in Perl) and have the data stored.  This I can also handle.

The part that I can’t figure out how to do, is to link the log-in with the various Perl scripts.  Originally I was thinking that when the user logs in a temp file could be created on the server with his uid which the various Perl scripts would read and append to the data being stored.  This, however, I realize is a problem when multiple users log in at once (though if there is an easy solution to this, I’m all ears).  Next I thought maybe I could use the .htaccess login “system” to track the user, but I have no clue how to extract the userid associated with the login with a Perl script.  I think ideally, this would be the solution I want, but I’m all ears for anything else.

I also realize that I could just constantly pass the user info from Perl script to Perl script, but this gets VERY messy.

So my specific questions are as follows:

1)      Is there a way to have a Perl script “read” the user information once a user logs into a folder that is “protected” by an .htaccess level login system?
2)      Is there a better/different way to track a user throughout his access?

Thanks for the help!
Jeff

Apache version – 1.3.36 (unix)
Perl version – 5.8.7
MySQL (if needed) version – 4.1.19-standard
0
Comment
Question by:buktotruth
  • 3
  • 3
  • 3
9 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 16829858
The Apache log should have the userid on each http get for each file that is protected through .htaccess.  At least in Apache V2 it does.
0
 

Author Comment

by:buktotruth
ID: 16830169
that sounds like a good solution...now how do i access the log file via a script?

...one thing to note is that i'm not running this on my own machine and may or may not have access to the log file.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 16832876
If you don't have access to the Apache logs, then you will have some issues.  If this is a virtual web host, then your virtual web server can have its own isolated logs so the would be no security issues by allow you to have access to "you servers logs."

You can look at things like webalizer (http://www.mrunix.net/webalizer/).

If you really can't have access to the logs, then the only solution I can think of is to use some type of script (javascript on the client side) to talk to a cgi script on the server and log this information in your MySQL database.  But that will add overhead to the webserver/MySQL Server and I would assume that whomever is running the server would rather not have that overhead.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 15

Expert Comment

by:periwinkle
ID: 16833754
giltjr - I think you misunderstood - I believe that buktotruth is looking for the current user, not to report on past users.

Extracting the .htaccess userid  via perl is quite easy;  you can use:

$userid = $ENV{'REMOTE_USER'};

Best bet would be to would keep a database of user information, whether it is a flatfile database, or a mysql or other type.  Be sure to include the user's email address - that way, you can easily implement a 'mail me my password' functionality.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 16834081
periwinkle:  You could be correct.  

buktotruth:  Can you attempt to clear up when you need the "userid".  Do you want to run a report that shows what the user  did yesterday or do you want your cgi script to keep track of who is doing something right now.

If you want "yesterday" then the Apache log will provide you with what you need.  If you want to track what the person is doing right now, then either using $userid = $ENV{'REMOTE_USER'}; will work, or just passing the userid in a cookie or a hidden field on a form in HTML
0
 

Author Comment

by:buktotruth
ID: 16834395
periwinkle was right in that i need to access the current userid.

I'm test this out and can't seem to get it to work.  The perl script i through together is:

#!/usr/local/bin/perl
use CGI::Carp qw(fatalsToBrowser);
use CGI;
$query = new CGI;

$userid = $ENV{'REMOTE_USER'};

print $query->header;
print $query->start_html(-title=>'Test');
print "user: $userid";
            
print $query->end_html;

exit;


and call it from an html file with in an htaccess protected folder via a form:

<form action='/cgi-bin/passtest.pl' method='post' >
              <p><u>test</u></p>
              <p>test:
               
                <input type='submit' value="Submit">
              </p>
</form>

The output however is missing the userid (test) and only shows "user:"...i wonder if this is b/c the cgi file is in the cgi-bin which is NOT htaccess protected...if this is the case, is there anyway to get around it?

Thanks,
Jeff

0
 
LVL 15

Accepted Solution

by:
periwinkle earned 1400 total points
ID: 16834464
Jeff - put the script in a subdirectory, and copy your .htaccess file into it, too.  It will refer to the exact same .htaccess file so you shouldn't have to log in twice.
0
 

Author Comment

by:buktotruth
ID: 16834532
that did the trick!

Thanks a lot for the help.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 16834546
Glad to assist!
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
Loops Section Overview
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
Suggested Courses
Course of the Month19 days, 16 hours left to enroll

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question