| View previous topic :: View next topic |
| Author |
Message |
derek
-
Joined: 10 Oct 2003
Posts: 14
|
 Posted: Sun Dec 14, 2003 6:16 am Post subject: login using cgi |
 |
|
i want to login to protected dirs on abyss using a cgi/perl script without getting the popup box. in other words, i want to login from a form (not the javascript method that displays the user/pass in the address bar).
any suggestions?
Thanks, Derek |
|
| Back to top |
  |
 |
Anonymoose
-
Joined: 09 Sep 2003
Posts: 2192
|
| Posted: Sun Dec 14, 2003 1:27 pm Post subject: |
|
|
| I'm 99% sure that with Basic Auth type authentication there's no way to change over from using the popup box... I'll be happy to be proved wrong though :) |
|
| Back to top |
|
|
Axis
-
Joined: 29 Sep 2003
Posts: 336
|
| Posted: Sun Dec 14, 2003 6:02 pm Post subject: |
|
|
Hi derek--
There is a simple password cgi script here:
http://www.technotrade.com/password/
However, it will only protect logging into a directory. Any user who bookmarks pages within the directory can then access them directly...hence its' limitation.
I used this for a bit and it works fine except for the above caveat. I switched to Abyss authentification method because it offers better protection.
Regards,
Axis |
|
| Back to top |
|
|
derek
-
Joined: 10 Oct 2003
Posts: 14
|
| Posted: Mon Dec 15, 2003 12:03 am Post subject: |
|
|
thank you all for your replies. Let me add a few more details and see if anyone has some ideas in regards to this.
I want to make a basic front page which by default you are logged into as a "guest" with no priviledges, then can login with your username and password, which then gives a customized front page. *THEN* from this page where you are "logged in" you will be able to go right to the password protected directories. Confusing enough for you? LOL
Thanks again for any tips.
Derek |
|
| Back to top |
|
|
aprelium
-
Joined: 22 Mar 2002
Posts: 6800
|
| Posted: Wed Dec 17, 2003 4:46 pm Post subject: |
|
|
derek,
What you ask for requires a small database (or even a text file) where you store the logins/passwords, a regitsration page, a login page. You'll need also to use sessions (using cookies for example) to track users.
The best in your case is to understand the source code of forum script that has the same features and to rewrite a similar solution.
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
 |
|
rockslammer_
-
Joined: 19 Sep 2003
Posts: 6
Location: Michigan
|
| Posted: Thu Dec 18, 2003 9:03 pm Post subject: Logins, Hot Linking and Redirection |
|
|
write 2 scripts
1- make user and pass
2- login
Have the login script output the page in Perl.
Make sure that the login script has an empty fields sub routine.
That way if someone links to the script without sending form data they
get an error output.
This method has its limitations....
But solves the link back problem.
This just a way to use Perl for authorization INSTEAD
of the htaccess config in the server.
Perl authentication is not real secure.
But then unencrypted form transmitted
htaccess data is not secure either, anyone on the
Local network can sniff the packets or key log
the box..same applies to form data sent to a cgi.
Give your password file a name like asdhj349dhe.dat and put it in
a htaccess protected directory in the cgi-bin directory, or better yet in a
directory off root if you can get Perl can find it OK.
Using the techno script posted above as an example-
change
sub goto_url {
print "Location: $correcturl\n\n";
}
to:
sub goto_url {
print "the actual html code\n";
print "bla bla etc\n";
}
Also a tip on redirection code --
print "Location: $correcturl\n\n";
This type of coding didn't work for me with Abyss on W2K with
ActiveState Perl for a different script that I am using.
This looks odd but it will work!
print "<SCRIPT LANGUAGE=\"JAVASCRIPT\">\n\n";
print "document.location.href=\"$correcturl\"\n\n";
print "</SCRIPT>";
Only problem with the Javascript redirect above -
If the user has java disabled, it won't work.
You might want to add a body tag and plain text warning
print "please enable javascript and refresh page..\n";
In Perl there is always more than one way to do it.
Perl on WIN is tricky - a lot of scripts that you will find
free were designed for UNIX - they have to be tinkered with
to work on an Abyss - Windows set up.
Barry at compro-serve .com
www.compro-serve.com/web/ |
|
| Back to top |
 |
|
Toadhead
-
Joined: 01 Dec 2003
Posts: 21
|
| Posted: Fri Dec 19, 2003 8:31 pm Post subject: |
|
|
hm...
I found an free, simple open source code to make an simple register form on your site, and an box to login.
The index page will have an protected and an non protected part, if your loged in you get: "<TYP HERE WHAT YOU WANT>" and if your not loged in you get "<TYP HERE WHAT YOU WANT>", ofcourse not only text but also pictures and other codes, and if you want you can make every page protected, just by typing "<?php include config.php ?>" (or somthing like that) at the beginning, and than you have an code like $loged {HERE PROVTED PART} and "else" {UNPROTECTED PART} so you can create some text at the bottom like please login, than your whole page can be protected.
Its an very basic and easey to understand script, probably there better script if you need an very good protection, but its free so I can't say its bad.
Btw it works with cookies...
The script is written in php, and you'll need an mySQL database. If you have interest you can download it here:
http://www.freewebs.com/toadhead/bgdev_login.zip
Toadhead |
|
| Back to top |
|
|
|
