develooper Front page | perl.beginners | Postings from April 2002

Re: authentication and user management

Thread Previous | Thread Next
From:
bob ackerman
Date:
April 25, 2002 12:47
Subject:
Re: authentication and user management
Message ID:
4FD757C0-5885-11D6-9AC6-003065428126@pacbell.net

On Thursday, April 25, 2002, at 12:15  PM, Mat Harrison wrote:

> also, what is the best way to include the cookie-checker in the restricted
> pages, ExecCGI or IncludeVirtual?

i use CGI::Cookie in a package of my subroutines.
I put 'use utils;' and call the checking subroutine at start of each of my 
cgi files.


> -----Original Message-----
> From: bob ackerman [mailto:rdacker@pacbell.net]
> Sent: Thursday, April 25, 2002 7:26 PM
> To: beginners@perl.org
> Subject: Re: authentication and user management
>
>
>
> On Thursday, April 25, 2002, at 10:58  AM, Mat Harrison wrote:
>
>> i am building a perl/cookie members system for my site using SSI to check
>> if
>> a cookie is present (set at login), if not, to redirect to an error page.
>> This is my plan:
>>
>>
>> 1. login page. check that the username and password match that in the
>> database.
>> 2. if yes then set a cookie with the users's ID from the database
>> 3. when the restricted page is called then the script attempts to 
>> retrieve
>> the cookie.
>>
>> How do i say if ($cookievalue eq "" || cookie does not exist){
>> 				redirect to an error page
>> 			}
>>
>> I know how to retrieve a cookie and redirect but how do i get the script
>> to
>> tell the difference between an incorrect cookie value (one that doesn't
>> match any IDs in the database) and no cookie at all.
>
> when you ask for a cookie for a given key, if it doesn't exist it will be
> empty.
> as in code above. I don't think you want to worry about the cookie
> existing with an empty value.
> That wouldn't be a valid login.
> Then if the cookie exists, you could do a db query to make sure the id is
> actually in the database.
>
>> If anyone can suggest anything about the cookies or any tips on this
>> subject
>> in general please help
>>
>> Thanks in Advance
>>
>> --
>> Matthew Harrison
>> Webmaster
>> www.genestate.com
>> mat.harris@genestate.com
>
>
> --
> To unsubscribe, e-mail: beginners-unsubscribe@perl.org
> For additional commands, e-mail: beginners-help@perl.org
>
>
>


Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About