September 2, 2014
Hot Topics:
RSS RSS feed Download our iPhone app

Password Protection

  • May 11, 2000
  • By Joe Burns
  • Send Email »
  • More Articles »

Oh man, do people want this! I get so many letters asking for a search engine that will search just the user's site. Well, here ya go. This will search whatever directory you want, list the results, and even recognize if any results were found or not. The script is fairly robust, checking not only the title and file, but also the full file text. I'm giving you a fairly bare-bones results page. You can gussy it up all you want. I'm interested in the script more than its appearance here.

How about we have a look-see, huh? This script is set up to search the directory that contains all of the PERL primers. If you want to be sure to get some results, search "perl" or "Joe". If you want to be sure to not get results, try searching "zorkbabble". I don't think that appears.

See "Search It!" in Action

The HTML and PERL Code

Passwords are a pain in the bazock. Unless you can configure a server to protect an entire page, you have to go with some kind of JavaScript that's pretty easy to get past. Plus - once you do get past it, the password is no longer valid because you can just zip right to the page. Yes, I know you can put the password on every page, but how dull will that be, putting in a password every time?

HTML Password Code

This password script is solid in that it's within a PERL script so you can look at code and see the password. Past that, the page it is protecting is within the cgi-bin so you can't get to it just by linking. You must go through the password page.

PERL Password Code

It's up to you if you want to put all of your protected pages within the cgi-bin or not. If you do - as long as the page requesting the document is within the bin, you can link to it. You cannot if you're linking from outside the bin. It's a protected directory. Very cool. Let's take a look. The correct password is "cow", but feel free to first put in a false password just to see what happens.

How It Works

Let's start right at the top.

#Look! Look! This is the password!!!! Shhhhhh!
Don't tell anyone!
$password = "cow";

The variable "$password" is created and given the text string value of "cow". Note the double quotes showing it's a text string.

Feel free to change it here if you don't think "cow" is a cool is a cool enough password. I can't imagine a better one, but it's up to you.

Next up is our old friend the form module that grabs and delineates the form information. We only have one item coming in, the password. Its NAME is "pw," so we'll be playing with the scalar variable $FORM{pw}.

# Does the password equal what the user wrote?
if($password eq $FORM{pw}) 

You've seen this before. The whole script is on big branching condition. The user has two options, get it right or don't.

We ask if the variable "$password" equals what the user wrote. If so, we have to do something. This...

#If it does, open this file
    {
    $file = "correct.html";
    open(FILE, $file);
    while(<FILE>)
       {
       print $_;
       }
    close(FILE);
    }

We set a variable "$file" to the value of the page we want to open. Note the double quotes. Please understand that the file we're showing here must be contained within the cgi-bin. We're only calling for it by name.

We open the file by using the command open, assigning the filehandle "FILE" and opening $file which is "correct.html".

While the file is open, print it. We do that using the general variable "$_". Remember that from last primer? It's a catch-all variable that you'll use to death.

Once the file has been printed, close it.

It's that simple. A correct password simply opens the file. It's up to you what to allow the user to do from there.

But what of the user doesn't get the password correct? This...

Otherwise, print out this page
    else
    {
    print "Content-type: text/html\n\n";
    print "<HTML>";
    print "<TITLE>Wrong!</TITLE>";
    print "<BODY BGCOLOR=#FFFFCC>";
    print "<CENTER><FONT COLOR=red Size = +4>
Nope!</FONT></CENTER><P>";
    print "Click BACK to try again";
    print "</BODY>";
    print "</HTML>";
    }
There's not a lot of explanation needed here. The script prints out a page to the browser screen that says the user is wrong. This is a fairly simple one; if you want to put in images and a link back to the search engine to try again, go for it.

Assignment

Maybe just one password isn't enough for you! It's just not good enough! You want two!

OK, fine. Set up the script so that the user must enter two correct passwords to get the page. Here's a hint: The code for "and" is "&&".

Here's a Possible Answer






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Sitemap | Contact Us

Rocket Fuel