473,394 Members | 1,946 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > perl > questions > cgi script with password_field parameter

Join Bytes to post your question to a community of 473,394 software developers and data experts.

cgi script with password_field parameter

4
Hi,

I have this cgi script which is a simple authentication web page, it check the value of the password_field and if correct call the subroutine alfa.

I don't know why it stops with an error when I click on "insert new stream"

I tried to call the subroutine without the authentication part and it works.
Expand|Select|Wrap|Line Numbers
  1. #!/usr/bin/perl -Tw
  2. use CGI;
  3. $query = new CGI;
  4. print $query->header;
  5. print $query->start_html();
  6. if (!$query->param) {
  7.         print $query->startform;
  8.         print $query->password_field(-name=>'the_password',
  9.                 -size=>35,
  10.                 -maxlength=>50);
  11.         print $query->br;
  12.         print $query->submit(-value=>'Submit your password');
  13.         print $query->endform;
  14. } else {
  15.         $yourPassword = $query->param('the_password');
  16. if ($yourPassword eq '123') { alfa ();} {print 'error';}
  17.  
  18. }
  19.  
  20. print $query->end_html;
  21.  
  22.  
  23.  
  24. sub alfa () {
  25. use strict;
  26. use CGI::Carp qw(fatalsToBrowser);
  27. use CGI qw(:standard);
  28. use DBI;
  29. my $mode = param('mode');
  30. my $url = url;
  31. print header,
  32. start_html;
  33.  
  34. print h2('insert values'),
  35.      start_form(),
  36. textfield('DETAILS'),  'detail bor bla bla..' . br,
  37. textfield('TARGET_DATABASE') . br ,
  38. textfield('TARGET_HOST'). br,
  39. textfield('TARGET_IP') . br,
  40. textfield('TARGET_ACCOUNT') . br,
  41. textfield('SOURCE_DATABASE') . br,
  42. textfield('SOURCE_HOST'). br,
  43. textfield('SOUCE_IP') . br,
  44. textfield('SOURCE_ACCOUNT') . br,
  45. textfield('STREAM_NAME') . br,
  46. textfield('ID') . br,
  47. submit('insert new stream'),
  48.      end_form;
  49.  
  50. if($mode eq 'process_form')
  51.    {
  52. my $dbh = DBI->connect('DBI:Oracle:(DESCRIPTION = (ADDRESS_LIST =(ADDRESS = (PROTOCOL = TCP)(HOST = xx.xx.xx.xx)(PORT = xxxx)))(CONNECT_DATA =(SERVICE_
  53. NAME = xxxxxxx)))', 'monitor', 'monitor', {RaiseError=>'1'});
  54. my $sth = $dbh->prepare('insert into s_test (DETAILS, TARGET_DATABASE, TARGET_HOST, TARGET_IP, TARGET_ACCOUNT, SOURCE_DATABASE, SOURCE_HOST, SOUCE_IP, S
  55. OURCE_ACCOUNT,STREAM_NAME, ID)  values (? , ? , ?, ?, ?, ?, ?, ?, ?, ?, ?)');
  56.      $sth->execute(param('DETAILS'), param('TARGET_DATABASE'), param('TARGET_HOST'), param('TARGET_IP'), param('TARGET_ACCOUNT'), param('SOURCE_DATABASE
  57. '), param('SOURCE_HOST'), param('SOUCE_IP'), param('SOURCE_ACCOUNT'),param('STREAM_NAME'), param('ID'));
  58.      $dbh->disconnect;
  59.    }
  60.    print end_html;
  61. }
  62.  
Dec 28 '09 #1
11 3342
numberwhun
3,509 Expert Mod 2GB
In line 16, shown here:

Expand|Select|Wrap|Line Numbers
  1. if ($yourPassword eq '123') { alfa ();} {print 'error';}
  2.  
I took out the {print 'error';} and it gave a bunch of output. Try removing that and see if that is what you were looking for. Not sure why you had that print statement there, but it overrode the subroutine execution, or so it seems.

Also, any time you post code in the forums, please use code tags.

Regards,

Jeff
Dec 28 '09 #2
RonB
589 Expert Mod 512MB
Here are some questions for you to think about. As you answer them, your problem and solution should be discovered.

Why are you loading the CGI module twice?

Why are you using CGI's OO interface in the begining but then switch over to the functional interface in the sub?

Why do you have the use statements in the sub and not at the beginning of the script?

Why are you specifying an empty prototype in the subroutine declaration? You should be receiving this warning:
main::alfa() called too early to check prototype at m4x123.pl line 16
Why are you enclosing the print 'error'; statement in it's own block?

Why are you outputting 2 sets of headers?
Dec 28 '09 #3
RonB
589 Expert Mod 512MB
I have not tested the script but I don't think that print error statement prevented the script from working correctly.

After fixing the formatting of that else block, here is what it looks like.
Expand|Select|Wrap|Line Numbers
  1. else {
  2.     $yourPassword = $query->param('the_password');
  3.  
  4.     if ($yourPassword eq '123') {
  5.         alfa();
  6.     }
  7.  
  8.     { print 'error'; }
  9. }
It's more likely that it's the prototype that's causing the problem.
Dec 28 '09 #4
numberwhun
3,509 Expert Mod 2GB
I agree with you that I don't see why that would have effected it, but when I removed the print statement it produced a totally different output.
Dec 28 '09 #5
RonB
589 Expert Mod 512MB
I just tested the script as written by the OP and the only "error message" I receive is the one that is hard coded into the script and is displayed whenever the user clicks on the 'Submit your password' button.

The script works exactly as I would expect. Meaning that the form in the alfa() sub is displayed, but since there is no form field with the name of 'mode' anywhere in the script, then the corresponding DB code won't be executed.
Dec 29 '09 #6
m4x123
4
Hi,
First of all thanks to all of you for the help.
I changed the code as follow(see m4x123.txt attached):

1) implemented the Rob's formatting at line 16-21
2) I've updated the script with form field with method=post, hidden name and value='process_form'

I tested the subroutine again removing lines from 1 to 25 and using only "alfa ();" to call it and it works.

when I use all the script I can access the form for inserting the values in the form but after clicking on
the insert button I get the print 'error'; from line 23

from the error.log on the apache server:
[Tue Dec 29 11:46:39 2009] null: Use of uninitialized value in string eq at /u01/appl/ora102/product/http10g/Apache/Apache/cgi-bin/inspwd.pl line 19.

Still cannot figure out why the subroutine doesn't work if I call it from if statement.

should I use a different form ?

regards,
max
Attached Files
File Type: txt m4x123.txt (2.5 KB, 362 views)
Dec 29 '09 #7
RonB
589 Expert Mod 512MB
What makes you think the subroutine is not working? For me, it works exactly as I'd expect, but clearly it's not what you want. What are your expectations.

One of the first and most important steps in writing and troubleshooting code is the ability to clearly describe step by step what the code needs to do. This is called writing pseudo code. From there you fill in the code details to accomplish each step.

I have a good idea of what you want the script to do, but as written has a number of logic errors, which is why it's not doing what you want.
Dec 29 '09 #8
RonB
589 Expert Mod 512MB
Line 31 is one logic error example.

How can you retrieve the value of a hidden form field before creating the form in which it is defined?
Dec 29 '09 #9
m4x123
4
Hi Ron,

I just tried to reuse some code which I've found on internet since I like the flexibility and simplicity of perl/cgi but of course I'm not a perl expert

this for the insert into the database:
http://www.expertwebinstalls.com/cgi...ipulation.html

and http://www.devdaily.com/perl/perl-cg...ield-html-form
for the authentication

btw I don't want necessarily use this code what I'm trying to do is just creating a simple form for inserting a row in my table after authentication through another form. If you could address me I would really appreciate it.

thanks,
Max
Dec 29 '09 #10
RonB
589 Expert Mod 512MB
Your starting point should be to get a good beginners Perl book, such as Learning Perl http://oreilly.com/catalog/9780596520113

Once you have the basics, then move on to learning CGI and DBI programing with Perl.

I'm not going to rewrite your entire script, but I will give you a big head start by giving you the skeleton code.

Expand|Select|Wrap|Line Numbers
  1. #!/usr/bin/perl -T
  2.  
  3. use strict;
  4. use warnings;
  5. use DBI;
  6. use CGI;
  7. use CGI::Carp qw<fatalsToBrowser>;
  8.  
  9. my $cgi = CGI->new;
  10. my %form = $cgi->Vars;
  11. my %dispatch = (
  12.     login_form   => \&display_login_form,
  13.     authenticate => \&authenticate_user,
  14.     db_form      => \&display_db_form,
  15.     process      => \&insert_db_data,
  16.     error        => \&display_error,
  17. );
  18.  
  19. print $cgi->header, $cgi->start_html;
  20.  
  21. if (exists $dispatch{ $form{action}} ) {
  22.     $dispatch{ $form{action} }->();
  23. }
  24. else {
  25.     $dispatch{ login_form }->();
  26. }
  27.  
  28. exit;
  29.  
  30.  
  31. ### subroutine declarations ###
  32.  
  33. sub display_login_form {
  34.     # output your form
  35. }
  36.  
  37. sub authenticate_user {
  38.     # if successful auth, display the DB form
  39.     # else display error and login form
  40. }
  41.  
  42. sub display_db_form {
  43.     # output your form
  44. }
  45.  
  46. sub insert_db_data {
  47.     # db stuff
  48. }
  49.  
  50. sub display_error {
  51.     # some error message
  52. }
Dec 30 '09 #11
m4x123
4
Hi Ron,
I was thinking to download/buy some book but I didn't know which one would have worked better thks!!!
I've found now a code that works but I'll try to put it as your skeleton code.
Really appreciated your help and your valuable suggestions, thanks a LOT!!

Expand|Select|Wrap|Line Numbers
  1.      1  #!/usr/bin/perl -w
  2.      2  use strict;
  3.      3  use CGI qw(:standard);
  4.      4  use DBI;
  5.      5  my $dbh = DBI->connect('DBI:Oracle:(DESCRIPTION = (ADDRESS_LIST =(ADDRESS = (PROTOCOL = TCP)(HOST = xxxxxx)(PORT = xxxx)))
  6.      6  (CONNECT_DATA =(SERVICE_NAME = xxxxx)))', 'xxxx', 'xxxx', {RaiseError=>'1'});
  7.      7  my $mode = param('mode');
  8.      8  my $url = url;
  9.      9  print header,
  10.     10  start_html;
  11.     11  print h2({-align=>'center'}, 'Please insert the admin password to access this page'),
  12.     12   start_form(-action=>$url,
  13.     13                  -method=>'post'),
  14.     14       hidden(-name=>'mode',
  15.     15              -override=>2),
  16.     16  password_field ('password') . br ,
  17.     17  submit('check password'),
  18.     18       end_form,
  19.     19  ,br,hr,"\n";
  20.     20
  21.     21  if (param('password') eq 'a')
  22.     22     {
  23.     23  print h2('insert values'),
  24.     24       start_form(-action=>$url,
  25.     25                  -method=>'post'),
  26.     26       hidden(-name=>'mode',
  27.     27              -value=>'process_form',
  28.     28              -override=>2),
  29.     29  textfield('DETAILS'),  'detail bor bla bla..' . br,
  30.     30  textfield('TARGET_DATABASE') . br ,
  31.     31  textfield('TARGET_HOST'). br,
  32.     32  textfield('TARGET_IP') . br,
  33.     33  textfield('TARGET_ACCOUNT') . br,
  34.     34  textfield('SOURCE_DATABASE') . br,
  35.     35  textfield('SOURCE_HOST'). br,
  36.     36  textfield('SOUCE_IP') . br,
  37.     37  textfield('SOURCE_ACCOUNT') . br,
  38.     38  textfield('STREAM_NAME') . br,
  39.     39  textfield('ID') . br,
  40.     40  submit('insert new stream'),
  41.     41       end_form;
  42.     42     }
  43.     43  elsif ($mode eq 'process_form')
  44.     44     {
  45.     45  my $sth = $dbh->prepare('insert into s_test (DETAILS, TARGET_DATABASE, TARGET_HOST, TARGET_IP, TARGET_ACCOUNT, SOURCE_DATABASE,
  46.     46  SOURCE_HOST, SOUCE_IP, SOURCE_ACCOUNT,STREAM_NAME, ID)  values (? , ? , ?, ?, ?, ?, ?, ?, ?, ?, ?)');
  47.     47  $sth->execute(param('DETAILS'), param('TARGET_DATABASE'), param('TARGET_HOST'), param('TARGET_IP'), param('TARGET_ACCOUNT'),
  48.     48  param('SOURCE_DATABASE'), param('SOURCE_HOST'), param('SOUCE_IP'), param('SOURCE_ACCOUNT'),param('STREAM_NAME'), param('ID'));
  49.     49       print redirect($url . '?mode=read_submitted_names');
  50.     50       $dbh->disconnect;
  51.     51     }
  52.     52  elsif($mode eq 'read_submitted_names')
  53.     53     {
  54.     54       my $sth = $dbh->prepare('select *  from s_test');
  55.     55       $sth->execute;
  56.     56       while(my $row_href = $sth->fetchrow_hashref)
  57.     57       {
  58.     58         print $row_href->{ID};
  59.     59         print $row_href->{TARGET_DATABASE};
  60.     60         print $row_href->{TARGET_HOST};
  61.     61         print $row_href->{TARGET_IP};
  62.     62         print $row_href->{TARGET_ACCOUNT};
  63.     63         print $row_href->{SOURCE_DATABASE};
  64.     64         print $row_href->{SOURCE_HOST};
  65.     65         print $row_href->{SOUCE_IP};
  66.     66         print $row_href->{SOURCE_ACCOUNT};
  67.     67         print $row_href->{STRERAM_NAME};
  68.     68         print $row_href->{DETAILS};
  69.     69       }
  70.     70         $dbh->disconnect;
  71.     71     }
  72.     72     print end_html;
Dec 30 '09 #12

Sign in to post your reply or Sign up for a free account.

Similar topics

3
Passing data from java to a PHP script
by: Raju V.K | last post by:
can I use javascript and PHP in the following manner to create a pop-up window: <--- in <head> </head> <script language=javascript> function popup(folder1, file1) {...
PHP
0
MOM script for Citrix idle sessions: ? about running shell commands
by: Will Seay | last post by:
At the end of this message I've pasted a script we're trying to modify slightly. I don't believe it is VBscript or javascript but these are the closest groups I could find with my limited...
Visual Basic 4 / 5 / 6
2
Urgent: Calling a method of a java object (getting a boolean parameter) from java script
by: Eyal | last post by:
Hey, I would appriciate if anyone can help on this one: I have a java object/inteface having a method with a boolean parameter. As I'm trying to call this method from a javascript it fails on...
Javascript
1
Javascript Cookie Script Needs a Tweak
by: CR1 | last post by:
I found a great cookie script below, but don't know how to make it also pass the values sent to the cookie, to a querystring as well for tracking purposes. Can anyone help? If there was a way to...
Javascript
6
changing a registered client script block
by: Velislav | last post by:
Hi, I have a client script block, which is registered in my Page_Load. However a button may result in the need to change the script which I've registered. Obviously the OnClick event occurs...
ASP.NET
0
Odd script error when using client script callbacks (ASP.NET 2.0)
by: =?Utf-8?B?TG93bGFuZGVy?= | last post by:
Hello, I've built a web application that uses client script callbacks. It is used on a large network with a large variety of user OSes and IE versions. It was tested on IE 6 on different setups...
ASP.NET
3
Return status from a stored pros in a OS script
by: Odd Bjørn Andersen | last post by:
Is there a way to check the return status from a stored procedure when called from a OS (Windows) script? I have a stored procedure that does some checking in the database, and the return status...
DB2 Database
1
Connecting To Oracle Database From Unix(script)
by: ora2000 | last post by:
Hi I would like to create a unix script to connect to an ORACLE database using a oracle package. Also this script should provide functionality to call an oracle procedure that contains a parameter...
Oracle Database
2
Combining a Perl download counter script with an audio player pop-up window
by: peteinglastonbury | last post by:
I'd be most grateful if someone would help me. I hope I'm in the right forum (apologies if not) - I'm not sure whether my problem is CGI or Javascript related. I found a script called...
Perl
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!