develooper Front page | perl.beginners | Postings from April 2002

Re: authentication and user management

Thread Previous | Thread Next
From:
bob ackerman
Date:
April 29, 2002 09:29
Subject:
Re: authentication and user management
Message ID:
526EAE5F-5B8E-11D6-BA03-003065428126@pacbell.net

On Monday, April 29, 2002, at 08:28  AM, Mat Harrison wrote:

> that looks like the sort of thing, but i don't want the script to die if 
> the
> cookie doesn't exist and i'm sorry, but I don't really understand the 
> second
> snippet

the first snippet showed you my current code. you don't have to follow it 
as an example since it is flawed :)
the 2nd snippet first tries to get the cookie and then makes sure that the 
element exists before trying to get its value:
$ref = $cookie{'usertype'};     # now we can test to make sure this cookie 
item actually exists

if ($ref)				  	# does item exist?
{
	$val = $ref->value;		# yes, so we can safely ask for its value
	....					# and examine/test/use the value
}
else
{
	...					# handle error
}
this we avoid trying to get the value of an undefined item.
you can do what you want on error - ignore it,print out an error message, 
redirect, etc.


> -----Original Message-----
> From: bob ackerman [mailto:rdacker@pacbell.net]
> Sent: Sunday, April 28, 2002 7:51 PM
> To: beginners@perl.org
> Subject: Re: authentication and user management
>
>
>
> On Sunday, April 28, 2002, at 06:15  AM, Mat Harrison wrote:
>
>> sorry to have to go back to this but I have found that if i try to fetch
>> a
>> cookie that isn't there, it doesn't return empty, it gives me a 500 error
>> and something like this.
>>
>> Can't call method "value" on an undefined value at check_login.cgi line 
>> 9.
>
> i think i was open to this problem in my code.
> i have:
> 	%cookie = fetch CGI::Cookie or die "can't get cookie";
> 	$usertype = $cookie{'usertype'}->value;
>
> i/we should be checking for its existence.
> say
> $ref = $cookie{'usertype'};
> $val=0;
> if ($ref)    # or if (defined($ref)) ?
> {
> 	$val = $ref->value;
> }
> else
> {
> 	print "cookie 'usertype' doesn't exist";
> }
>
>
>> -----Original Message-----
>> From: bob ackerman [mailto:rdacker@pacbell.net]
>> Sent: Thursday, April 25, 2002 8:48 PM
>> To: beginners@perl.org
>> Subject: Re: authentication and user management
>>
>>
>>
>> On Thursday, April 25, 2002, at 12:15  PM, Mat Harrison wrote:
>>
>>> also, what is the best way to include the cookie-checker in the
>>> restricted
>>> pages, ExecCGI or IncludeVirtual?
>>
>> i use CGI::Cookie in a package of my subroutines.
>> I put 'use utils;' and call the checking subroutine at start of each of 
>> my
>> cgi files.
>>
>>
>>> -----Original Message-----
>>> From: bob ackerman [mailto:rdacker@pacbell.net]
>>> Sent: Thursday, April 25, 2002 7:26 PM
>>> To: beginners@perl.org
>>> Subject: Re: authentication and user management
>>>
>>>
>>>
>>> On Thursday, April 25, 2002, at 10:58  AM, Mat Harrison wrote:
>>>
>>>> i am building a perl/cookie members system for my site using SSI to
>>>> check
>>>> if
>>>> a cookie is present (set at login), if not, to redirect to an error
>>>> page.
>>>> This is my plan:
>>>>
>>>>
>>>> 1. login page. check that the username and password match that in the
>>>> database.
>>>> 2. if yes then set a cookie with the users's ID from the database
>>>> 3. when the restricted page is called then the script attempts to
>>>> retrieve
>>>> the cookie.
>>>>
>>>> How do i say if ($cookievalue eq "" || cookie does not exist){
>>>> 				redirect to an error page
>>>> 			}
>>>>
>>>> I know how to retrieve a cookie and redirect but how do i get the 
>>>> script
>>>> to
>>>> tell the difference between an incorrect cookie value (one that doesn'
>>>> t
>>>> match any IDs in the database) and no cookie at all.
>>>
>>> when you ask for a cookie for a given key, if it doesn't exist it will 
>>> be
>>> empty.
>>> as in code above. I don't think you want to worry about the cookie
>>> existing with an empty value.
>>> That wouldn't be a valid login.
>>> Then if the cookie exists, you could do a db query to make sure the id 
>>> is
>>> actually in the database.
>>>
>>>> If anyone can suggest anything about the cookies or any tips on this
>>>> subject
>>>> in general please help
>>>>
>>>> Thanks in Advance
>>>>
>>>> --
>>>> Matthew Harrison
>>>> Webmaster
>>>> www.genestate.com
>>>> mat.harris@genestate.com
>>>
>>>
>>> --
>>> To unsubscribe, e-mail: beginners-unsubscribe@perl.org
>>> For additional commands, e-mail: beginners-help@perl.org
>>>
>>>
>>>
>>
>>
>> --
>> To unsubscribe, e-mail: beginners-unsubscribe@perl.org
>> For additional commands, e-mail: beginners-help@perl.org
>>
>>
>>
>
>
> --
> To unsubscribe, e-mail: beginners-unsubscribe@perl.org
> For additional commands, e-mail: beginners-help@perl.org
>
>
>

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About