Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re: Protecting a PDF file

by Anonymous Monk
on Apr 26, 2013 at 12:13 UTC ( #1030811=note: print w/ replies, xml ) Need Help??


in reply to Protecting a PDF file

so what authentication mechanism do you use?

if( loggedIn() ){ if( userIsAllowed() ){ sendPdfFileWithResumingAndAllThat(); } else { errorNotAllowed(); } } else { errorNotLoggedIn(); }


Comment on Re: Protecting a PDF file
Download Code
Re^2: Protecting a PDF file
by jck (Scribe) on Apr 26, 2013 at 15:30 UTC
    there's a login page, which checks that a user is registered in our member database, and, if so, sets a session id cookie in SESSID, as well as a userid in TIUID. SESSID is generated using:
    my $sessid = join("", @chars[ map { rand @chars } (1 .. 20) ]);
    then, every page that is password-protected has the following at the top:
    my $q = new CGI; my $sessid = $q->cookie('SESSID'); my $UIDuser = $q->cookie('TIUID'); my %in = map { $_ => $q->param($_) } $q->param; if (!$sessid) { print $q->redirect("http://mydomain.org/memberarea/login/"); exit; } my $cookie = $q->cookie(-name=>"SESSID", -value=> $sessid, -expires => + "+2h", -domain=> '.mydomain.org'); print $q->header({-type=>"text/html", -charset=>"utf-8", -cookie=>$coo +kie}); my $pagetitle; my $dbh = DBI->connect('DBI:mysql:sitedatabase;host=localhost;port=330 +6', 'ouradminname', 'oursecretpassword') or die "Couldn't open database: $DBI::errstr; stopped"; my $sql = "SELECT UID, firstname, lastname, role FROM members WHERE lo +ginkey = '$sessid'"; # Prepare the SQL query for execution my $sth = $dbh->prepare($sql) || die "Couldn't prepare statement: $DBI::errstr; stopped"; # Execute the query my $result = $sth->execute || die "Error executing: $DBI::errstr"; if ($result == 0) { print $q->redirect("http://mydomain.org/memberarea/login/"); exit; }
    anyone with an expired or non-existent SESSID is redirected to the login page.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1030811]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (4)
As of 2015-07-04 07:52 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (58 votes), past polls