.htaccess / .htpasswd

[brockuk]

I wish to add a members only area to my web site using htaccess and htpasswd. I would use the applications featured in abyss but i want automatic member updates. Does htaccess work on Abyss?
If so why cant i get it to work?

[Deledar]

.htaccess I think only works with Apache, why not use the feature where you can user/password protect your webpage in the Abyss control panel?

[brockuk]

i want automated membership and i dont think abyss does that! Does any one know of a password script that doesnt use htaccess?

[rockslammer]

[JohnC]

Dunno about making it work, rockslammer - but here is a BIG TIP that will save you heaps of time and effort... use "print qq"

Just type that, then ANY character. Then put all your plain text (and any $vars you want), then close it with the same "special" character and a semi-colon.

This makes Perl work kinda like ASP or PHP (sortof) - you can use plain HTML, and span multiple lines! Also, it allows you to use " and ' chars without escaping them - you ONLY have to escape the "special" character you use to start and end the command with (eg: if you use ~, then to print an ~ you gotta use \~ instead)

for example :

[rockslammer_]

Re: the above suggestion

print qq~
<TABLE>
<TR>
... plain HTML and/or $vars inside here...
</TR>
</TABLE>
~;

That works too, LOL :D
A lot of the scripts that I am converting were
written for UNIX in all arcane code,
start mixing stuff together and it becomes the
lowest common denominator, doesn't a camel
have 2 ____"quotes"____ on his back?
not ASP ish LOL :P



Anyway-

I got this thing to work the end of August, Had to add a _
to my old user name Forgot my PASSWORD ! ROFLMAO.

Now I stumbled across the original post -

So, here is a way to have a new member create an account and
be able to have immediate access.

NOTE: You want to hard code the html of the member's page
into the script.

However, You might use an <IFRAME that displays
a frameset or html page within the script -

WARNING WILL ROBINSON:

Realise that someone can find the URL from the source of
the Perl generated page and hot link to it without logging in if you <IFRAME.

ALSO, any regular html link that is hard coded in can be linked back
to as a favorite, etc...

I have made some of my links .pl files that envelope the refering
URL then match the referer to URL that I want used or redirect a saved
or pasted link to a login page.

Here is the login that works - the write user&&Password delimiters
have to be changed to match the login script

NO CAPITAL LETTERS IN THE user or passsword
are allowed

:: becomes ; and $dummy <> is added at the end

Also, I removed the ctime routine in the script I posted.
It wasn't important and was part of the problem with the
original scripts. White spaces and too many :: delimiters.



This script is logging in 100-300 users a day on Abyss/win NTFS
from a 3300 line file without problems :D

My Abyss server is handling 3000-6000 page requests per
day now. BTW


use CGI::Carp qw( fatalsToBrowser ); #comment ( fatalsToBrowser ) out when you are#
#done configuring as well as the -w in line 1#

#$basedir = "C:\Program Files\Abyss Web Server/htdocs";#path to server's public html#
print "Content-Type: text/html\n\n";
$suppress_characters = "1"; #if you change this to '0' shell commands can be passed#
$exclude = "%&|><:;$ (){}[]^#@!~+='\"?.,|\\*`";

sub parse_form
{
# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});

# Split the name-value pairs
@pairs = split(/&/, $buffer);

foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);

$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

$FORM{$name} = $value;
}
}


#check the password user pair for illegal char and validate or reject#
sub check_pass
{
$userid = $FORM{'userid'};
$password = $FORM{'password'};
if ($suppress_characters eq "1") {

if ($userid=~/[$exclude]/ || $password=~/[$exclude]/) {

&illegal;
exit;
}
}

if (length($userid) <= 0 && length($password) <= 0)#reject empty fields#
{
print STDOUT "<CENTER><h2><font color=\"#FF0000\">You are Not Authorized to Access this Page.</font><BR>";
print STDOUT "Reason - EMPTY FIELDS</h2>";
print STDOUT "<P><h3>Go Back to the form and try again</h3></P></CENTER>";
die;
}
open(PASSFILE,"1jdue8ie/sjeu48ek.dat");
#change this to the path to your data file
#use random directory and filename
#as the file needs to be writable to the
#public in the make user pass script
#DO NOT STORE ANY FININCIAL OR OTHER SENSITIVE
#DATA IN THIS FILE - This is just a member login thing-
#It should not be considered secure
$/ = "<>";
$passtrue = 0;
#change the 1st script delimiting parameters
#to match the below
#user;password<>
while (<PASSFILE>)
{
@dummy = split("<>",$_);
@passrec = split(";",$dummy[0]);#the ; could be modified to :: | or : if you have current file to match#
@user = split(" ",$passrec[0]);
@pass = split(" ",$passrec[1]);
if (($user[0] eq $userid) && ($pass[0] eq $password))
{
$passtrue = 1;
last;
}
else
{
$passtrue = 0;
}
}
close(PASSFILE);
}

&parse_form;
&check_pass;
if ($passtrue == 1)
{
select STDOUT;
print "<HTML>";
print STDOUT "<html>\n";
print STDOUT "<head>\n";
print STDOUT "<title></title>\n";
print STDOUT "<meta http-equiv=Content-Type content=text/html; charset=iso-8859-1>\n";
print STDOUT "</head>\n";
#MORE HTML STUFF
print STDOUT "</body>\n";
print STDOUT "</html>\n";
}
else
{
print STDOUT "<CENTER><h2><font color=\"#FF0000\">You are Not Authorized to Access this Page.</font><h2>";
print STDOUT "<h3 align='center'>Reason - No such user or password</h3>";
print STDOUT "<h3 align='center'>Illegal Symbols! or..<BR></h3>";
print STDOUT "<h3 align='center'>Your password does not match.";
print STDOUT "<P>Go Back to the form and try again</P></h3></CENTER>";


die;
}

#########################################################################################
###### Error - user is sending illegal characters #####
###### This sub isn't working right - I ran out of patience feel free to fix it and #####
###### email me the fix barry /at compro-serve./com #####
#########################################################################################

sub illegal {
select STDOUT;
print "<HTML>";

print STDOUT "content-type:text/html\n\n";
print STDOUT "<html>";
print STDOUT "<head>";
print STDOUT "</head>";
print STDOUT "<body>";
print STDOUT "<table width='770' border='0' cellspacing='0' cellpadding='0' height='15'>";
print STDOUT "<tr>";
print STDOUT "<td width='20'>&nbsp;</td>";
print STDOUT "<td align='center'>&nbsp;</td>";
print STDOUT "<td align='center'>&nbsp;</td>";
print STDOUT "</tr>";
print STDOUT "</table>";
print STDOUT "<table width='770' border='0' cellspacing='0' cellpadding='0' name='Content' height='265'>";
print STDOUT "<tr>";
print STDOUT "<td width='20'>&nbsp;</td>";
print STDOUT "<td width='370' align='center' valign='top'>";
print STDOUT "<h1><font color='#000000'>IO ERROR<BR>ILLEGAL SYMBOLS</font></h1>";
print STDOUT "<h1><font color='#FF0000'>Failed request</font></h1>";
print STDOUT "</td>";
print STDOUT "<td width='10'></td>";
print STDOUT "<td align='left' valign='top'>";
print STDOUT "<h1 align='center'>Reason</h1>";
print STDOUT "<h3 align='center'>Some symbols are not allowed</h3>";
print STDOUT "<h3 align='center'></h3>";
print STDOUT "<h3 align='center'>Please go back and use alphanumeric characters or _ for a space.</h3>";
print STDOUT "<h3 align='center'>";
print STDOUT "<input type='submit' name='Go Back to Form' value='Try Again'";
print STDOUT "onclick='javascript:history.back(1)'>";
print STDOUT "</h3>";
print STDOUT "</td>";
print STDOUT "</tr>";
print STDOUT "</body>";
print STDOUT "</html>";
}

barry at compro-serve/./com
http://www.compro-serve.com/web/