User/Password validation

Tue, 14 Jul 2009 15:39:05 -0700 

There are almost 10 users who are trying to access a CGI web page. I need
the authentication part to be enabled for these users since the data should
not be seen by each other and should be shown only for these users.

I was trying to do a user/pass logon screen validated against XML file.

XML file
users.xml

<?xml version='1.0'?>
<config logdir="/var/log/foo/" debugfile="/tmp/foo.debug">
    <delivery user="testuser1">
       <pass>password</pass>
       <pass>Admin</pass>
    </delivery>
    <delivery user="adersd">
       <pass>password</pass>
       <pass>Adian Sarm</pass>
    </delivery>
</config>


This is the sample code in the CGI-Internet. I have take this since checking
if the XML user/password can be done or not?

#!/usr/bin/perl -w
#use strict;
use CGI();
use XML::Simple;
use Data::Dumper;
$upload_form = new CGI;
print $upload_form->header;
print $upload_form->start_html(-title=>'Login',
       -base=>'true');
print $upload_form->start_form();
$upload_form->import_names('upload_form_names');
$tmp=$upload_form_names::username;
##XML Get
$xml =  new XML::Simple;
$data = $xml->XMLin(users.".xml");
$xmlusr=$tmp;
$xmlpass=$config->{delivery}->{$tmp}->{pass}->[0]; print $xmlpass;
$xmlname=$config->{delivery}->{$tmp}->{pass}->[1]; print $xmlname;

if (!$upload_form_names::username or !$upload_form_names::passwd)
{   printLogin();
    }
elsif ($upload_form_names::username eq $xmlusr
        and $upload_form_names::passwd  eq $xmlpass) {
    print $xmlname;  }
else {
    printLogin(); }
print $upload_form->end_html;
sub printLogin
{
    print 'username: ',
        $upload_form->textfield({-name=>'username',
                                 -size=>20,
                                 -maxlength=>20});
    print $upload_form->p();
    print 'password ',
        $upload_form->password_field({-name=>'passwd',
                                      -size=>20,
                                      -maxlength=>20});
    print $upload_form->p();
    print $upload_form->submit({-name=>'login_btn',
                -value=>'Login'});
    print $upload_form->end_form();
    print $upload_form->end_html;
}



The password/name for the users are not taken using the XML module. I am not
sure if this is the correct way for uservalidation. Please give a helping
hand if there are any other optimized way of handiling such cases. Also I
was planning to generate the cookie setup so that the user do not have to
login again if the cookie is still valid.


Thanks
Vai

Reply via email to