Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: CGI Password

by Anonymous Monk
on Mar 28, 2001 at 11:52 UTC ( [id://67774]=note: print w/replies, xml ) Need Help??


in reply to CGI Password

What are some basic things I can do to make this script more secure?

Run perl with the -T switch to turn taint checking on.

If need be, would it be wise to use this script on a business web site?

I'm not sure I understand what you mean. If your business needs this, then yes, if it doesn't, then no.

Lastly, is it a wise decision to have the actuall password name in the script or should I call it from a txt file (or something else)?

First, you shouldn't store the plaintext password, store it crypt'd. As for where to store it, that depends on your system's setup, you'll preferably want to store it in a file which can be read by as few people as possible, that could be your CGI if you're using suEXEC or similar mechanism.

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://67774]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others wandering the Monastery: (6)
As of 2024-04-23 14:07 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found