Hey All,
I'm new to doing CGI with Perl and so am a little lost here.
I'm working on a web-accessible database system for a (rather large)
group of area churches and went through the rigmarole of assessing
various programming and scripting languages to see which is the best
tool for the job and I landed on Perl::CGI.
I started working on this project and have created scripts that
generate a registration page that emails the registration information
to me for processing. This is intentional, by the way, as I don't
want it to be a self-register site for certain security reasons.
These scripts work fine, so I started working on a logon form to allow
users who are already registered to logon. So, on my main page, I
have a right-hand pane that looks similar to this (in the HTML code):
<div id='rightcontent'>
<p><a href='http://myserver.domain.org/cgi-bin/
boms.cgi'>Register</a></p>
<br />
<h3>Logon</h3>
<form method='POST' action='http://myserver.domain.org/cgi-bin/
logon.cgi'>
Username:<br />
<input type='textfield' name='uname' /><br />
Password:<br />
<input type='password' name='pwd' /><br />
<input type='submit' name='logon' value='Logon' />
</form>
</div>
...etc...
This form displays pretty well, though I need to work on the width of
the fields, but that's not my issue. My issue is when I fill in the
data in the fields and submit it to my "logon.cgi" script, the
password value gets an arbitrary string of numbers attached to the end
and I am not having any luck figuring out where those numbers come
from, nor how to get rid of them back to the clear text of the
password. For example:
I enter the string 'hiyall2008' in the password field and get the
following values in my logon script...
Click 1: hiyall2008153639492
Click 2: hiyall2008135813700
Click 3: hiyall2008152312388
et cetera...
As you can see, there is a different arbitrary string of numbers at
the end of the clear text of the password entered. If it was the same
each time the password was entered, I would just make it a part of the
password and encrypt the whole thing into my database. However, each
time it is different. It appears to be only 9 numbers each time, so I
decided to try and strip those 9 numbers off the password with the
'substr()' method. So, I created the following sub procedure to do
that:
sub strip_string
{
my $ret = "";
for (my $i = 0; $i < length($_[0]) - 9; $i++) {
$ret .= substr(length($_[0]) - $i, 1);
#print $ret;
}
return $ret;
}
Now, when I use this method to "strip" the arbitrary numbers from the
end of the entered password, I get the following:
I enter the same password as before, "hiyall2008", and get the
following:
Click 1: 0134588996
Click 2: 0157203012
Click 3: 0138639940
Now, not only do I have arbitrary strings of numbers, I have 10
numbers instead of 9! I know that it is something that I'm not doing
correctly, but I cannot figure out what I'm doing wrong.
I've read through my Perl books, searched Google with numerous
different queries and read through a bunch of different references
online. However, none of them mention this issue with the password
field in a web form when accessed from Perl::CGI. I am at a complete
loss as to where to go from here. According to my "Perl Core
Language, Little Black Book", if I pass a negative number to the substr
() function's LEN parameter, substr() will remove that many characters
from the end of the string. Every other reference to the substr()
function, of course, says the same thing. However, when I've
attempted that, I only got back the characters that I was wanting
omitted. Frustration just keeps building!
Anyway, any help that y'all can give is greatly appreciated.
Especially, please, links to better examples of tweaking a string with
the substr() function. The ones in my "Little Black Book" are pretty
lame, and I was unable to find much better online. Again, any help is
greatly appreciated. I look forward to your responses.
Cheers,
Sean C.
PekinSOFT Systems
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/
