473,385 Members | 1,343 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > ot? php form and html

Join Bytes to post your question to a community of 473,385 software developers and data experts.

OT? php form and html

Sorry to ask an old question, but I cant seem to get this simple php
to work. Ive looked at old postings and for whatever reason cant seem
to
get this to work. Any help is greatly appreciated. Im new to PHP.

My PHP works just fine (apparently), but doesnt work the way I want it
to.

All I want to do is accept a login and password and then send it off to
a perl script on 'submit'. It never appears to get into my 'if'
section,
any suggestions? I cant seem to get the following to work:

<html>
<body>

<?php

if (isset($_POST['Submit']) && ($_POST['login'] == 'login'))
{
print "Login: $login\n";
print "Pass: $pass\n";
$file = popen("/home/http/website/cgi-bin/gs_do_search.pl $login
$pass","r");
while ($line = fgets($file,1024)) {
// display it now
}
}
?>

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

Login: <input type="text" name="login"><br>
Password: <input type="password" name="pass"><br>
<br>
<input type="Submit" name="Submit" value="login">
</form>

</body>
</html>

Jul 17 '05 #1
6 1839
*** Jeff wrote/escribió (20 Apr 2005 21:48:16 -0700):
All I want to do is accept a login and password and then send it off to
a perl script on 'submit'. It never appears to get into my 'if'
section, [...] if (isset($_POST['Submit']) && ($_POST['login'] == 'login'))
This code means that if username takes the value of "login", you'll call
the perl script and pass the variables to it. So if I type "john" it'll
never enter the if(). Is that what you want?

$file = popen("/home/http/website/cgi-bin/gs_do_search.pl $login
$pass","r");


A few of things I can think of:

gs_do_search.pl is in the cgi-bin folder. So, is it a CGI? If it is, is
there a reason why you can't just feed the form to it? If it isn't, why is
it in a public folder that makes it executable by anyone?

What if I type something like "; rm -rf /" as password?

Make sure your Perl script reads input from command line arguments, not
standard input.

--
-- Álvaro G. Vicario - Burgos, Spain
-- http://bits.demogracia.com - Mi sitio sobre programación web
-- Don't e-mail me your questions, post them to the group
--
Jul 17 '05 #2
Alvaro G Vicario wrote:
What if I type something like "; rm -rf /" as password?


As the web server is probably running as a non privileged user you'd
probably just get "permission denied". Try the password "; rm -rf ."
instead! ;-)

--
Mental Floss prevents Moral Decay.

Jul 17 '05 #3
Ok I probably have misunderstood how this php form should work. I got
it as an example. Im so new to PHP, I need a book soon.

What I want is, an HTML page that uses PHP for a login and password
that will execute a cgi-bin script with that login and password. I am
using apache on a linux server and need a password field which is why I
cannot use plain html with <input type="password" etc> I need it to
be hopefully 'secure' by using PHP (as secure as that can be?)

So, html gets login/pass, posts to cgi-bin perl script using PHP in the
HTML form. Thats all I wanna do. :)

Jul 17 '05 #4
*** Jeff wrote/escribió (21 Apr 2005 12:48:15 -0700):
What I want is, an HTML page that uses PHP for a login and password
that will execute a cgi-bin script with that login and password. I am
using apache on a linux server and need a password field which is why I
cannot use plain html with <input type="password" etc> I need it to
be hopefully 'secure' by using PHP (as secure as that can be?)
Well, you cannot secure CGI scripts in Perl using PHP. With PHP you can
only secure PHP.

So, html gets login/pass, posts to cgi-bin perl script using PHP in the
HTML form. Thats all I wanna do. :)


Why? Can't your Perl script handle user+pass by itself?

<form action="/cgi-bin/gs_do_search.pl">

--
-- Álvaro G. Vicario - Burgos, Spain
-- http://bits.demogracia.com - Mi sitio sobre programación web
-- Don't e-mail me your questions, post them to the group
--
Jul 17 '05 #5
I thought that by using a standard:

<form action="/cgi-bin/gs_do_search.pl"> with a login and password you
can intercept it if you snoop the line? What I want is something much
more secure which is either encrypted on the front end, transmitted and
then decrypted or ?? I dont know what.

How do you mean I can only secure PHP with PHP? Do you mean I do:
<form action="/cgi-bin/gs_do_search.php"> rather than .pl using a PHP
html page?

Jul 17 '05 #6
*** Jeff wrote/escribió (22 Apr 2005 13:30:50 -0700):
I thought that by using a standard:

<form action="/cgi-bin/gs_do_search.pl"> with a login and password you
can intercept it if you snoop the line?
Yes, you certainly can sniff it on its way to the server. So, what can you
do *after* your data was sniffed?

What I want is something much more secure which is either encrypted on
the front end, transmitted and then decrypted or ?? I dont know what.
SSL?

How do you mean I can only secure PHP with PHP?


I mean that you cannot use PHP to protect something that is not retrieved
through the PHP interpreter (such as a Perl CGI). You cannot use a security
door to protect your windows ;-)

--
-- Álvaro G. Vicario - Burgos, Spain
-- http://bits.demogracia.com - Mi sitio sobre programación web
-- Don't e-mail me your questions, post them to the group
--
Jul 17 '05 #7
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
Perl - Form handler
by: John | last post by:
Dear all, It been more than 3 days I am trying to debug this program, I interpret it using activePerl and it is giving (perl -wc code_process.pl) no error syntax but when I put it online, change...
Perl
2
detecting when a frame has loaded the result of a form submit
by: Halldór Ísak Gylfason | last post by:
In my application I have an iframe that is empty (and not visible) initially, however when a user presses a button a form is programmatically submitted and the target is set to the IFrame. I...
Javascript
4
Form submission in Firefox
by: Stuart Perryman | last post by:
Hi, I have the following code which works just fine in IE6 but not in Firefox. It is an extract of several table rows each with an individual form. It is generated by php. <form...
Javascript
4
Opera bug? -- disappearing <form> ?!
by: Howard Jess | last post by:
In Opera 8.01 (Linux; Build 1204) and in Opera 7.54 (Windows XP; Build 3865), my form disappears from the HTML markup (below). To summarize: 1) In a <script> block in the <head> I create a form...
Javascript
19
<form> syntax
by: Coward 9 | last post by:
HI, I saw in an example hello.aspx, there is a <form tagbeing used like <form runat="server> I search all html tag references and could NOT find "runat" attributes for <formtag. which...
ASP.NET
0
bmallett
Retrieving Dynamic Form Data?????
by: bmallett | last post by:
First off, i would like to thank everyone for any and all help with this. That being said, I am having a problem retrieving/posting my dynamic form data. I have a form that has multiple options...
ASP / Active Server Pages
1
How to submit Iframe form and its Parent form at once.
by: IframeLearner | last post by:
Hi , I am trying to upload a file from a parent.jsp using Iframes. From Parent page. I have to save Subject, Desc, File and file name. to upload the file i am using Iframe. I want the...
Javascript
1
Inputing value in a form using javascript
by: macintoshhondo | last post by:
Hi ! i am a newbie and dont know javascript much. what i really need is a simple javascript code that can insert number in the value section of the different forms from the one form. FORM 1:...
Javascript
3
Element "GESCHLECHT" is undefined in FORM.
by: blackrunner | last post by:
ERROR in my Query?! ERROR: Element GESCHLECHT is undefined in FORM. i think everything ok. Maby somebody can help me here Element GESCHLECHT is undefined in FORM. The error occurred...
ColdFusion
3
Need help testing conditions of a form--trouble with SELECT elements
by: ibeehbk | last post by:
Hi. I have a form made in xhtml. I test via vbscript to make sure none of the fields are empty and properly formatted (ie email). All the regular fields work. However, I have two drop down menus...
Visual Basic 4 / 5 / 6
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!