Hi

Hope this will be of help:

  • If you are actually trying to make something secure, you should probably look for a ready-made module. Sorry, I don't know what's considered the best at the moment, you'll have to do some research or wait for someone else to recommend one.
  • On the login page, you seem to be checking the username (email address) then checking to see if there is an account with the specified password. Surely you need to check that the password belongs to that user: it looks like you can log into anyone's account with your password at the moment. Need to pull out the password from the submitted email address, then check it is equal to the password submitted in the login form.
  • To solve the problem you asked about, and anything else that needs password protection, you'll need to keep track of logged in users between pages. You can't just pass round the username, or anyone will be able to access any account by changing the URL/cookie/etc. One way to do this would be to generate a session cookie and keep a record of which account it belongs to. Managing all this is quite complex and I would recommend finding a module.

Anyway, it depends on exactly what you're doing, but if you want some kind of security, you'd better do some research. Hope someone who knows more than me will provide more useful details.

FVS
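
The per-user password check and the session record described in the post above, as an added example that is not part of the original post or the thread's code. The account data, the sub names and the use of /dev/urandom are assumptions, and the salted SHA-256 digest only stands in for a proper password hash from a vetted module.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(sha256_hex);

# Constructed sample accounts. The salted SHA-256 digest is a stand-in only;
# a real application should use a vetted password-hashing module.
my %accounts = (
    'alice@example.com' => { salt => 's1', digest => sha256_hex('s1' . 'alice-pass') },
    'bob@example.com'   => { salt => 's2', digest => sha256_hex('s2' . 'bob-pass') },
);
my %sessions;    # session token => email, kept on the server

# Flawed check the post describes: does *any* account have this password?
sub login_flawed {
    my ($email, $password) = @_;
    return 0 unless exists $accounts{$email};
    return scalar grep { $_->{digest} eq sha256_hex($_->{salt} . $password) } values %accounts;
}

# Corrected check: fetch the record for the submitted email and compare only that one.
sub login_fixed {
    my ($email, $password) = @_;
    my $acct = $accounts{$email} or return 0;
    return $acct->{digest} eq sha256_hex($acct->{salt} . $password) ? 1 : 0;
}

# Issue an unguessable token and record which account it belongs to.
# Assumes a Unix-like system that provides /dev/urandom.
sub start_session {
    my ($email) = @_;
    open my $fh, '<:raw', '/dev/urandom' or die "no random source: $!";
    read($fh, my $bytes, 16) == 16 or die "short read from random source";
    close $fh;
    my $token = unpack 'H*', $bytes;
    $sessions{$token} = $email;
    return $token;    # this goes in the session cookie; the username does not
}

# On later pages, resolve the cookie value to an account on the server side.
sub current_user {
    my ($token) = @_;
    return defined $token ? $sessions{$token} : undef;
}

# Bob's password submitted with Alice's email address.
printf "flawed: %d  fixed: %d\n",
    login_flawed('alice@example.com', 'bob-pass'),
    login_fixed('alice@example.com', 'bob-pass');
my $token = login_fixed('bob@example.com', 'bob-pass') ? start_session('bob@example.com') : undef;
print "session user: ", current_user($token) // 'none', "\n";
print "unknown token: ", current_user('0' x 32) // 'none', "\n";
```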


In reply to Re: CGI - variables from first form to be seen in third form. by FalseVinylShrub
in thread CGI - variables from first form to be seen in third form. by valavanp
