The following subroutine is one I'm using as a simple password protection
for a web page - it works fine on my NT platform but on a unix one it isn't.

I have commented out the debug bit and included the output in the email
(bottom) and as you can see the $crypt and $pass are the same - so my
question is why does the script think the if ($crypt ne $pass) is true???
and just on unix - as on NT its gets it as false!!

Any help would be much appreciated,
Matt

sub logon {
        my ($q)=@_;
        my $method = 'POST';
        my $action = "$script"; 
        my $encoding = $CGI::URL_ENCODED; #
application/x-www-form-urlencoded!

        open (PASSIN, "$root/pass.conf");
    my $line = <PASSIN>;
    close (PASSIN);
    chomp($line);
    my ($name, $pass) = split(/:/, $line);

        # If the name given doesn't match the name in the file or the
password given
        # doesn't match the name in the file, print a message and exit.  The
code for
        # encrypting the password according to its first two characters was
taken
        # from Matt's WWWBoard Admin script... because it is good.

        my $user = $q->param('name');
        my $password = $q->param('secret');

        my $crypt = crypt($password, substr($password, 0, 2));

        if ($crypt ne $pass) {
                print $q->header,
                          $q->start_html('Blog It'),
                          $q->h3('Invalid Name/Password'),
                          $q->p('The name and password combination you have
given is invalid.'),
                          #the following is for debug purposes - see the
password
                          $q->br("user=$user"),
                          $q->br("password=$password"),
                          $q->br("crypt=$crypt"),
                          $q->br("name=$name"),
                          $q->br("pass=$pass"),
                          #finish debug info
                          $q->startform(-method=>$method,
                                                -action=>$action,
                                                -enctype=>$encoding),
                          #form info goes here
                          $q->textfield(-name=>'name',
                                                -default=>'admin',
                                                -size=>20,
                                                -maxlength=>80),
                          $q->br,
                          $q->password_field(-name=>'secret',
                                             -value=>'',
                                             -size=>20,
                                             -maxlength=>80),
                          $q->br,
                          $q->hidden(-name=>'user',
                             -default=>['ok']),
                          $q->submit('action', 'enter'),
                          #$q->submit('action', 'seevars'),
                          $q->reset(),
                          $q->endform,
                          $q->p,
                          $q->a({href=>'blog.cgi'},"view the journal"),
                          $q->end_html; 
                exit;
    }else{
                #set a cookie so that the script nows that the person has
logged on
                
                my $cookie = $q->cookie(-name=>'open',
                                  -value=>'sesame');
        print $q->header(-cookie=>$cookie),
                          $q->start_html,
                          $q->br('Correct Password');
                #the password is correct
                #print $q->p("correct Password");
                #&menu($q);
                #print $q->p();
                #print $q->end_html;
                
        }
}


output:

user=admin

password=matt

crypt=ma5XgjSoDieYE

name=admin

pass=ma5XgjSoDieYE 
_______________________________________________
Perl-Win32-Web mailing list
[EMAIL PROTECTED]
http://listserv.ActiveState.com/mailman/listinfo/perl-win32-web

Reply via email to