"...but I do not know how to incorporate the password protection logon of the .htaccess protected area as part of the condition for file delition."
Easy - you don't. You are dealing with two different
levels of protection here: the first is your .htaccess
stuff, which you have already set up. The second looks like
hard coded values in your CGI script. Basically, any user
that has an entry via .htaccess can add to the CSV file,
but only one 'uber' user can delete it. That user
will most likely have two identies - the first is some
entry in the .htaccess file, and the second is
'fishbreath', which is queried from the CGI script, not
the .htaccess mechanism. Here is some example code for you
to ponder:
use strict;
use CGI qw(:standard);
my $action = trim(param('ACTION'));
my $user = trim(param('name'));
my $pass = trim(param('password'));
if ($action eq 'DELETE') {
if ($user eq 'fishbreath' and $pass eq 'foobazz') {
unlink 'path/to/csv.file';
}
else {
# permission denied!
}
}
else {
# do other stuff
}
sub trim {
my $raw = shift;
$raw =~ s/^\s*//g; # remove leading space
$raw =~ s/\s*$//g; # remove trailing space
return $raw;
}
The .htaccess will take care of letting users even access
the CSV file - the CGI script will take care of letting the
'uber' user delete the CSV file. Good luck! :)
jeffa
L-LL-L--L-LL-L--L-LL-L--
-R--R-RR-R--R-RR-R--R-RR
B--B--B--B--B--B--B--B--
H---H---H---H---H---H---
(the triplet paradiddle with high-hat)
