Solved

Redirect control to another PERL script server-side, keeping CGI Params?

Posted on 2007-03-22
6
607 Views
Last Modified: 2013-12-25
Short:
What is the best way to forward control to another script, server-side, while keeping CGI query params (or passing new ones)?

Long:
I'm redesigning a webpage, and the new frontpage has a login form. In the past, different types of users would go to different pages to log in. EG customers to a "customer.cgi" script which would required login before allowing access, and administrators to a "admin.cgi" script which would do the same.

As part of the redesign, I'm centralizing the security part into a separata class, and all users now log in from the front page, to say "front.cgi". That script then calls the security module & verifies user is right to go, then should deliver them straight to the page they'd normally see when logging in via the old system (ie. into customer.cgi & admin.cgi).

How can I, after verifying the user in "front.cgi" then pass control to "admin.cgi" if the user is an admin, without doing a client-side redirect request (eg. print $cgi->redirect( 'http://www.server.com/admin.cgi?controlPage' ) ). I can do it like that of course since sessions & cookies are stored when "front.cgi" confirms identity, but it seems like it should be very easy to pass control to another process, and would be the cleanest way to do it to my mind.

To do that I would need to carry over the CGI params used in "front.cgi", or POST some new ones (don't need uid/pass again).

Seems strangely hard.

Apparently using $cgi->redirect() should work if you redirect to an absolute server path (such as /home/site/cgi-bin/admin.cgi) but doesn't seem to do what it claims .. at least on my dev machine. Same goes for LWP::UserAgent.

Comments & Ideas appreciated & welcomed.

If we can find a solution relatively quickly, I'll make the changes tonight & there will be more points available for the efforts; otherwise I'll use a client-side redirect in the interim.  :)

Thx!!
0
Comment
Question by:Glauron
  • 3
  • 3
6 Comments
 
LVL 84

Accepted Solution

by:
ozo earned 250 total points
ID: 18773423
do '/home/site/cgi-bin/admin.cgi';
0
 
LVL 1

Author Comment

by:Glauron
ID: 18776296
that has to be the simplest, & easiest solution to a problem I've ever posted :)

one small problem though...

admin.cgi reads all the same CGI params posted to the original script, but how can I pass it new info? ie. now that I know we need to redirect to admin.cgi after verifying the user, how can I add something like $cgi->param('action', 'showControl') to the POSTed list of params?

I have tried to manipulate STDIN & the $ENV variables but so far no luck.
0
 
LVL 1

Author Comment

by:Glauron
ID: 18776914
OK - found one solution ...

by using a 'system' call, instead of 'do', it passes on the changed environment variables since admin.cgi will be a child process to the currently running script. It doesn't seem to work that way with 'do'.

Still, I think I'd prefer redirecting client-side to the new script & check the session/cookie info then to verify the user. Seems cleaner & slightly more secure.. there'd have to be all sorts of taint checking

$ENV{REQUEST_METHOD} = 'GET';
$ENV{QUERY_STRING} = 'action=showControl';
$ENV{CONTENT_LENGTH} = length( $ENV{QUERY_STRING} );

my $path = $global->{CONF}->{RPATH} . 'cgi-bin/';
chdir $path;

system( 'perl admin.cgi' );
return;
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 84

Expert Comment

by:ozo
ID: 18777838
do should also see the changed environment variables
0
 
LVL 1

Author Comment

by:Glauron
ID: 18921822
using do din't allow me to see env vars unfortunately, but system got me out of trouble for a while.

Thanks for the help.
0
 
LVL 84

Expert Comment

by:ozo
ID: 18922429
What are you doing that you are unable to see env vars ?
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Export Variables in Perl 3 87
read an xml file in perl 2 50
Awk : two files math 8 20
convert Systemjs to Webpack 3 37
It is a general practice to get rid of old user profiles on a computer  in a LAN environment. As I have been working with a company in a LAN environment where users move from one place to some other place at times. This will make many user profil…
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question