Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re: Protecting a PDF file

by Anonymous Monk
on Apr 26, 2013 at 12:13 UTC ( #1030811=note: print w/ replies, xml ) Need Help??


in reply to Protecting a PDF file

so what authentication mechanism do you use?

if( loggedIn() ){ if( userIsAllowed() ){ sendPdfFileWithResumingAndAllThat(); } else { errorNotAllowed(); } } else { errorNotLoggedIn(); }


Comment on Re: Protecting a PDF file
Download Code
Re^2: Protecting a PDF file
by jck (Scribe) on Apr 26, 2013 at 15:30 UTC
    there's a login page, which checks that a user is registered in our member database, and, if so, sets a session id cookie in SESSID, as well as a userid in TIUID. SESSID is generated using:
    my $sessid = join("", @chars[ map { rand @chars } (1 .. 20) ]);
    then, every page that is password-protected has the following at the top:
    my $q = new CGI; my $sessid = $q->cookie('SESSID'); my $UIDuser = $q->cookie('TIUID'); my %in = map { $_ => $q->param($_) } $q->param; if (!$sessid) { print $q->redirect("http://mydomain.org/memberarea/login/"); exit; } my $cookie = $q->cookie(-name=>"SESSID", -value=> $sessid, -expires => + "+2h", -domain=> '.mydomain.org'); print $q->header({-type=>"text/html", -charset=>"utf-8", -cookie=>$coo +kie}); my $pagetitle; my $dbh = DBI->connect('DBI:mysql:sitedatabase;host=localhost;port=330 +6', 'ouradminname', 'oursecretpassword') or die "Couldn't open database: $DBI::errstr; stopped"; my $sql = "SELECT UID, firstname, lastname, role FROM members WHERE lo +ginkey = '$sessid'"; # Prepare the SQL query for execution my $sth = $dbh->prepare($sql) || die "Couldn't prepare statement: $DBI::errstr; stopped"; # Execute the query my $result = $sth->execute || die "Error executing: $DBI::errstr"; if ($result == 0) { print $q->redirect("http://mydomain.org/memberarea/login/"); exit; }
    anyone with an expired or non-existent SESSID is redirected to the login page.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1030811]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (7)
As of 2014-12-28 17:36 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (182 votes), past polls