Perl login problem

Tamilarasu123's Avatar
Light Poster
Hi,

I am new to perl script. I have created a login using per/cgi script. It is running via apache server. I have set the default page in apache as login page.
url-->ipadress: port. Whenever user tries to see the website its asks for the authetication. But i am facing a problem in
authentication, suppose when user tries to use the url-->ipadress: port/home.html it directly redirects to the home page
without asking for the login details. I need to redirect to the login page. So someone please help me to resolve this issue?
Tamilarasu123's Avatar
Light Poster
login.cgi:
Code:
#!/usr/bin/perl -w
$|=1;
use CGI qw/:standard/;
$q=new CGI;

	if(!($line=~/#/))
	{
		if ($line=~/User.*=(.*);(.*);(.*)/){
		      $user_name=$1;$user_pass=$2;
		      $user{$user_name}=$user_pass;
		}
	}

$username=$q->param("login");
$password=$q->param("password");

$username1="tamil";
$password1="arasu";

if ( $username eq $username1 && $password eq $password1 )
{ $action="ip:port/home.html"; }
else
{ $action="ip:port";}

print $q->redirect($action);

Last edited by shabbir; 9Jan2014 at 09:05.. Reason: Code blocks
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
So you are redirecting

print $q->redirect($action);

And I don't see you are asking user for any input for login.
Tamilarasu123's Avatar
Light Poster
Index.html:
HTML Code:
<HTML>
<HEAD>
<TITLE>Login</TITLE>

<script language="javascript">
function Set_Cookie()
{
var path   ='';
var domain ='';
var secure ='';
// set time, it's in milliseconds
var today = new Date();
today.setTime( today.getTime() );

/*if the expires variable is set, make the correct expires time, the current script below will set it for x number of days, to make it for hours,delete * 24, for minutes, delete * 60 * 24*/

var expires = 0

var expires_date = new Date( today.getTime() + (expires) );

document.cookie = "user" + "=" +escape( document.login_form.login.value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );

document.cookie = "password" + "=" +escape( document.login_form.password.value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );

document.login_form.submit();
}
function redirectTo() {
	var txt = document.getElementById("login").value;
	var txt1 = document.getElementById("password").value;

	if(txt=='' && txt1=='')
	{
	alert('Please Enter a Username and Password');
	}
	else if(txt1=='')
	{
	alert('Please Enter a Password');
	}
	else if(txt=='')
	{
	alert('Please Enter a Username');
	}
	}
</script>
</HEAD>
<body>
<form method="post" action="../cgi-bin/login.cgi" name=login_form>
<center><table>
<tr><td><font face="verdana,arial" size=-1>Username</td><td><input type="text" name="login"></td></tr>
<tr></tr>
<tr><td><font face="verdana,arial" size=-1>Password</td><td><input type="password" name="password"></td></tr>
<tr></tr>
<tr><td><font face="verdana,arial" size=-1><input type="submit" value="Enter" onclick="redirectTo()"></td></tr>
<tr><td colspan=2></td></tr>
</table></center>
</form>
</body>
</HTML>

Last edited by shabbir; 9Jan2014 at 17:12.. Reason: Code blocks
Tamilarasu123's Avatar
Light Poster
Hi Shabbir,
Thanks for your reply. I am using nearly 10 static html pages in our website. As i already told i am accessing it via the apache server.How can i prevent the users to see the other html pages without login?
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
You cannot block HTML pages but only pages that has server side coding like CGI pages where the check at the top is to see if user is logged in or not and if not then redirect to a login page else show the content.
Tamilarasu123's Avatar
Light Poster
Is there any way to accomplish this using the session in the static html pages?
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
If you can process the .html pages using CGI then yes.
Tamilarasu123's Avatar
Light Poster
Ok then if i am changing all the htnl pages to cgi how can i achieve it?
Can you please explain it briefly?
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
You have to set the cookies and check those cookies against the session and then validate or redirect.