I'm not being funny but seeing as i just registered for this site, i thought you lot would take it easy with me.
Anyway, in the tutorial I looked at, the idea was to have a file for each user and the password in that file. I simpflied it a bit and ignored the need for encryption and cookies.
The link to the tutorial is here. The script executes without errors but doesn't recognise the user from the form on the previous page. Here's a snippet of the code:
...
use constant USER_DATA => '../data/users/';
my $username = param( 'login' ) || '';
my $password = param( 'password' ) || '';
my $userfile = USER_DATA.$username;
my $message = 'Bad password';
open USER, "< $userfile" or display_page( "Your username and password
+information did not match. Check to see that you do not have
Caps Lock on, hit the back button, and try again." ), exit;
my $real_password = <USER>;
close USER;
if ( $password eq $real_password )
{
$message = "Hello, $username. You gave me a good password";
}
...
Thanks, onemadjock | [reply] [d/l] |
i thought you lot would take it easy with me
castaway wasn't trying to be harsh with you; it's
just that geeks like us can't read your mind, because
we think differently. (I personally tend to think
in Perl, when I'm thinking about programming stuff.
So thinking about it the way normal people do is
hard. castaway may have a similar problem.)
Now that you've posted a snippet and an explanation,
we are better able to figure out what you need...
From your description, it seems you're always getting
that "your username and password did not match" page,
right? For testing purposes, why not
add some debugging information to that page, so you
can have a better idea what's going wrong?
open USER, "<$userfile" or display_page( "Your
username ($username) and password ($password)
information did not match, or I was unable to
verify them. (Technical error code: $!)
Check to see that you do not have Caps Lock
on, hit the back button, and try again." ), exit;
Try that, and see what it tells you. This should
help you isolate the problem, by telling you
whether your $username and $password variables
are getting set correctly and/or why you can't
open the file. (Two chances out of three it's
a permissions problem, but the value of $! will
tell you that for sure.)
$;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}}
split//,".rekcah lreP rehtona tsuJ";$\=$ ;->();print$/
| [reply] [d/l] [select] |
Thank you for that - it now says that no such file or directory exists. The sample user is root and the password is password. I have got a file called root and root.txt.
Is the problem due to the file name and/or type?
Thanks for clearing up the misunderstanding as these sites can be quite intimidating for the novice user. We all have to start somewhere!
Thanks again - oh and the text box in the form is called login not username.
| [reply] |
What does your HTML page look like? The tutorial uses:
my $tainted_username = param( 'username' ) || '';
but your code reads:
my $username = param( 'login' ) || '';
Does the HTML form set the variable username or the variable login? Those must match.
If things get any worse, I'll have to ask you to stop helping me.
| [reply] [d/l] [select] |
You will probably need to chomp $real_password; after the line read <USER>.
| [reply] [d/l] [select] |