Login Please!!

eoin has asked for the wisdom of the Perl Monks concerning the following question:

I have this basic user authentication program here but it won't work. I continuesly get an invalid user\password message. The password file, 'pass', is written like this (example) eoin pass test 1234 admin sys Here's the code for the program. a fellow monk help me structure it because this is my first proper cgi prog.

use strict;
use warnings;
use CGI;

my $q = new CGI;
my $user     = $q->param('user');
my $password = $q->param('pass');


#-----------------------------------------
#START OF MAIN PROGRAM
#-----------------------------------------

my ($title,$body);
if ( &verify($user,$password) eq "Valid" ){
  ($title,$body) = &valid();
} else {
  ($title,$body) = &fail();
};



print qq(Content-type: text/html\n
<html>
  <head><title>$title</title></head>
$body
</html>);



#-----------------------------------------
#END OF MAIN PROGRAM:BEGIN OF VERIFICATION
#-----------------------------------------


sub verify{
  my ($user,$password) = @_;
  open(PASS, "pass") or die "Couldn't find password file.\n";
  while(<PASS>){
    chomp;
    my ($ur,$ps) = split(/\t/, $_, 2);
    if ( ($ur eq $user) && ($ps eq $password) ){
      close PASS;
      return "Valid";
    }
  }
  close PASS;
  return "notValid";
}

#-----------------------------------------
#IF VALID
#-----------------------------------------

sub valid {
  my $title = "Login successful !";
  my $body = q(<body bgcolor="black" text="red">
<h3>Login succesful!</h3><br><br>
<a href="www.eircom.net"><h2>Click here to continue</h2></a><hr>
</body>);
  return ($title,$body);
}

#-----------------------------------------
#IF NOT VALID
#-----------------------------------------

sub fail {
  my $title = "Login unsuccessful !";
  my $body = q(<body bgcolor="black" text="red">
Invalid username\password.<br>
Please try again.<br><br><hr>
<form method=POST action="http://eoinmurphy.netfirms.com/cgi-bin/main.
+pl">
User Name:  <input name="user" size="30"><br>
Password:  <input name="pass" size="30"><br>
<input type="submit" value="Send"></form><hr>
</body>);
  return ($title,$body);
}

#-----------------------------------------
#END
#-----------------------------------------
[download]

I mustn't be reading the password file properly, I don't know.... Here's the html code for the form.

<form action="http://eoinmurphy.netfirms.com/cgi-bin/main.cgi" method=
+"POST">
    <p>User Name: <input type="text" size="30" name="user"><br>
    Password:<h7>.</h7>  <input type="text" size="30" name="pass"><br>
    <input type="submit" value="Send"> </p>
    <hr>
</form>
[download]

Comment on Login Please!! Select or Download Code

Replies are listed 'Best First'.
Re: Login Please!! by Trimbach (Curate) on Dec 30, 2002 at 22:50 UTC
Your code is fine... I just ran it on my machine and it worked perfectly without my changing anything. I suspect your problem is in your pass file... mine looked like this: `gary\ttest cheese\trock` [download] ...and that's it. (The \t's are actual tabs... I've just put them in like this so you can see them.) Are you running the CGI on a Windows webserver or a Unix server? If you're creating your password file in Windows and uploading it to a Unix server without changing the line endings you'll have problems. Hope this helps a little. Good luck! Gary Blackburn Trained Killer	[reply] [d/l]
Re: Re: Login Please!! by eoin (Monk) on Dec 30, 2002 at 23:44 UTC
I am Trimbach, yea. How do I change the line endings to suite uploading from Windows to Unix to make it work. Thanks. Eoin	[reply]
Re: Re: Re: Login Please!! by gjb (Vicar) on Dec 31, 2002 at 00:13 UTC
You don't need to change any files, just make sure that text files are transfered in ASCII mode. Hope this helps, -gjb-	[reply]
Re: Re: Re: Re: Login Please!! by eoin (Monk) on Dec 31, 2002 at 11:13 UTC
Re: Login Please!! by dws (Chancellor) on Dec 30, 2002 at 23:54 UTC
If the lines in your password file really look like `eoin pass test 1234 admin sys` then `my ($ur,$ps) = split(/\t/, $_, 2);` isn't what you want to do. Assuming that you really do have tabs in the file (and not spaces), the third argument causes you to be left with `$ur = "eoin"; $ps = "pass\ttest\t1234\tadmin\tsys";` [download] (For an explanation of why this is, consult the description of "split" in perlfunc.) Drop the third argument, and you'll be O.K. Stylistic comment: Consider returning a boolean (i.e., 0 or 1) instead of "Valid"/"notValid". There's far less chance of subtle typos causing you hours of debugging grief.	[reply] [d/l] [select]
Re: Login Please!! by poj (Abbot) on Dec 30, 2002 at 23:11 UTC
Hello eoin, I recognised that code .. as my suggestion ! The problem is here `my ($ur,$ps) = split(/\t/, $_, 2);` which expects your password file to be tab delimited like this `username<tab>password` I don't think yours is. If it is space delimited then use `my ($ur,$ps) = split(' ',$_,2);` If you have more than 2 fields then add $null1, $null2 as required. poj	[reply] [d/l] [select]
Re: Re: Login Please!! by iguanodon (Priest) on Dec 31, 2002 at 03:11 UTC
If you have more than 2 fields then add $null1, $null2 as required. Picking nits, I know, but how about adding undef, undef as required? I hate to see values assigned to variables that won't be used.	[reply]

Back to Seekers of Perl Wisdom