Solved

Redirect control to another PERL script server-side, keeping CGI Params?

Posted on 2007-03-22
6
610 Views
Last Modified: 2013-12-25
Short:
What is the best way to forward control to another script, server-side, while keeping CGI query params (or passing new ones)?

Long:
I'm redesigning a webpage, and the new frontpage has a login form. In the past, different types of users would go to different pages to log in. EG customers to a "customer.cgi" script which would required login before allowing access, and administrators to a "admin.cgi" script which would do the same.

As part of the redesign, I'm centralizing the security part into a separata class, and all users now log in from the front page, to say "front.cgi". That script then calls the security module & verifies user is right to go, then should deliver them straight to the page they'd normally see when logging in via the old system (ie. into customer.cgi & admin.cgi).

How can I, after verifying the user in "front.cgi" then pass control to "admin.cgi" if the user is an admin, without doing a client-side redirect request (eg. print $cgi->redirect( 'http://www.server.com/admin.cgi?controlPage' ) ). I can do it like that of course since sessions & cookies are stored when "front.cgi" confirms identity, but it seems like it should be very easy to pass control to another process, and would be the cleanest way to do it to my mind.

To do that I would need to carry over the CGI params used in "front.cgi", or POST some new ones (don't need uid/pass again).

Seems strangely hard.

Apparently using $cgi->redirect() should work if you redirect to an absolute server path (such as /home/site/cgi-bin/admin.cgi) but doesn't seem to do what it claims .. at least on my dev machine. Same goes for LWP::UserAgent.

Comments & Ideas appreciated & welcomed.

If we can find a solution relatively quickly, I'll make the changes tonight & there will be more points available for the efforts; otherwise I'll use a client-side redirect in the interim.  :)

Thx!!
0
Comment
Question by:Glauron
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 84

Accepted Solution

by:
ozo earned 250 total points
ID: 18773423
do '/home/site/cgi-bin/admin.cgi';
0
 
LVL 1

Author Comment

by:Glauron
ID: 18776296
that has to be the simplest, & easiest solution to a problem I've ever posted :)

one small problem though...

admin.cgi reads all the same CGI params posted to the original script, but how can I pass it new info? ie. now that I know we need to redirect to admin.cgi after verifying the user, how can I add something like $cgi->param('action', 'showControl') to the POSTed list of params?

I have tried to manipulate STDIN & the $ENV variables but so far no luck.
0
 
LVL 1

Author Comment

by:Glauron
ID: 18776914
OK - found one solution ...

by using a 'system' call, instead of 'do', it passes on the changed environment variables since admin.cgi will be a child process to the currently running script. It doesn't seem to work that way with 'do'.

Still, I think I'd prefer redirecting client-side to the new script & check the session/cookie info then to verify the user. Seems cleaner & slightly more secure.. there'd have to be all sorts of taint checking

$ENV{REQUEST_METHOD} = 'GET';
$ENV{QUERY_STRING} = 'action=showControl';
$ENV{CONTENT_LENGTH} = length( $ENV{QUERY_STRING} );

my $path = $global->{CONF}->{RPATH} . 'cgi-bin/';
chdir $path;

system( 'perl admin.cgi' );
return;
0
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 
LVL 84

Expert Comment

by:ozo
ID: 18777838
do should also see the changed environment variables
0
 
LVL 1

Author Comment

by:Glauron
ID: 18921822
using do din't allow me to see env vars unfortunately, but system got me out of trouble for a while.

Thanks for the help.
0
 
LVL 84

Expert Comment

by:ozo
ID: 18922429
What are you doing that you are unable to see env vars ?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is a general practice to get rid of old user profiles on a computer  in a LAN environment. As I have been working with a company in a LAN environment where users move from one place to some other place at times. This will make many user profil…
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question