On 6/1/07, Alma <[EMAIL PROTECTED]> wrote:
I have to store the authentication details like the user_id & password
in a file .
You're saying, you're going to have a file which contains one or more
user_id and password pairs, yes?
I am using postgres db & apache2.. , my search has landed me to
mod_auth_pgsql.
You probably want to use the standard authentication system that
Apache includes, most likely with an .htaccess file or something
similar. Check with your webmaster or system administrator. If the
that person is you, check the Apache documentation, or an Apache help
forum.
But if you somehow need to do this from Perl code, it's not hard. You
can use the crypt() built-in function to scramble the password, then
check it something like this.
# These come from the user, somehow
my $username = 'claimed username';
my $attempt = 'password attempt from user';
# Get this one from the file
my $scrambled = &scrambled_password_for($username);
if ($scrambled ne crypt($attempt, $scrambled)) {
&deal_with_bad_password;
exit;
}
# Clear sailing from here
There are other functions you could use instead of crypt, too. But
going with the tried-and-true Apache authentication beats
rolling-your-own for security, six days a week and twice on Sundays.
Hope this helps!
--Tom Phoenix
Stonehenge Perl Training
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/
