Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

comment on

( #3333=superdoc: print w/replies, xml ) Need Help??

Fellow monks,

I am hoping someone can point out the error(s) of my way here. I am using an html form to POST two values 'user' and 'pass' to a validation script, which sets a cookie called 'id' (if the user is valid) and returns a link to the main cgi that requires the cookie

Security pundits - I know this is frightfully insecure to send 'pass' in this manner , I believe it's as bad as an ftp site without strong auth, or telnet. I have read Ovid's offsite cgi tutorials (recommended). For the moment I am trying to get cookies to work at ALL, before trying to secure them.

so the validator looks like

#!/usr/bin/perl -wT use strict; use CGI; my $q= CGI->new(); my $name = $q->param('name'); my $password = $q->param('password'); while ( my($u , $p ,,) = getpwent ) { if ($name eq $u) { my $salt = substr($p,0,2); my $check = crypt ($password, $salt); if ($check) { # yes yes, it's always true - FOR NOW! &success; } else { &fail }; } } &fail; exit(0); sub fail { print $q->header('text/html'), $q->start_html(-title=>'Unsuccessful Login'), $q->a({href=>'http://proxy/testform.html'} ,'Return to Login P +age'), $q->end_html; exit(0); } sub success { my $cookie = $q->cookie(-name=>'id', -value=>$name , -expires=>'-1h'); print $q->header(-type=>'text/html', -cookie=>$cookie), $q->start_html(-title=>"Welcome $name"), $q->a({href=>'http://proxy/cgi-bin/view/browse.pl?test=1'}, 'P +roceed to Viewing Area'), $q->end_html; exit(0); }

I am certain that this is setting a cookie, IE warns me and I accept the cookie. But when browse.pl runs

#!/usr/bin/perl -wT use strict; use CGI; use Data::Dumper; my $q= CGI->new; my $cookie = $q->cookie('id'); #This keeps returning undef

Apache documentation is pretty sparse , and indicates that cookie problems are generally script or client based, the system I am running on is RH7.3, perl 5.6.1 , apache 1.3.26



$row x 3 , $boat->your;

In reply to CGI.pm, cannot retrieve cookie. by submersible_toaster

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or or How to display code and escape characters are good places to start.
Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (3)
As of 2021-10-28 02:13 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My first memorable Perl project was:







    Results (95 votes). Check out past polls.

    Notices?