Hello,

I am attempting to have a page where you type in a password to progress to the next page, or get an error page back if you type in the wrong password.

My host has cgi enabled, but when I run my script it comes back with a message saying the host may not have enabled permissions in this directory, something I know is untrue as I am currently running other cgi scripts from the same place.

Could someone more knowledgable than myself look at the following code and see if there are any obvious errors?

Cheers

#!/usr/bin/perl
################################
### Murphyz Password Checker ###
################################

##############################################
## Definable variables ~ change as required ##
##############################################
$corePassword = "edit profile";
$linkLocation = "http://www.ancient-egyptians.net/forum/profile.php?mode=editprofile";

#######################################
## Get the posted data from the form ##
#######################################
read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name,$value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}

###################################################
## Store the entered password in a perl variable ##
###################################################
$password = `echo $FORM{password}`; chop($password);

###############################################
## Check the $password matches $corePassword ##
## - if so direct to $linkLocation ##
## - if not request password again ##
###############################################
if ( $password eq $corePassword ) {
#########################################################
## Use "HTTP 403 Response" to redirect to linkLocation ##
#########################################################
print "Content-type: text/html\nLocation: $linkLocation\n\n";
} else {
##################################################
## Print HTML form again, showing Error message ##
##################################################
print "Content-type: text/html\n\n";
print <<EOM;
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<TITLE>Murphyz</TITLE>
</HEAD>
<BODY BGCOLOR="#990033" TEXT="#000000">
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0" WIDTH="100%" HEIGHT="100%">
<TR>
<TD ALIGN=CENTER>
<TABLE BGCOLOR="#ffffff" BORDER="0" CELLSPACING="2" CELLPADDING="3">
<TR>
<TD HEIGHT=28 BGCOLOR="#990033" BACKGROUND="../images/back.gif" ALIGN=CENTER><H1 STYLE="font-size: 11pt; color: #ffffff; font-family: arial, helvetica, sans serif;">Login</FONT></TD>
</TR>
<TR>
<TD ALIGN=CENTER>
<FONT STYLE="font-size: 25pt; color: #990033; font-family: arial, helvetica, sans serif;">
<B>Wrong Password!</B><BR>
<SMALL STYLE="font-size: 10pt;">Your IP address [$ENV{REMOTE_ADDR}] has been logged.</SMALL>
</FONT><BR>
<IMG SRC="../images/murphyz.gif" WIDTH="200" HEIGHT="91" ALT=" Murphyz " VSPACE=10><BR>
<FONT STYLE="font-size: 11pt; color: #000000; font-family: arial, helvetica, sans serif;"><B>Please enter your password to continue:</B></FONT>
<TABLE BORDER="0" CELLSPACING="10" CELLPADDING="0">
<FORM ACTION="password.cgi" METHOD=POST>
<INPUT TYPE=HIDDEN NAME="previous" VALUE="$password">
<TR>
<TD><INPUT TYPE=PASSWORD NAME="password" SIZE=40 STYLE="border: #990033 1px solid; font-size: 10pt; color: #000000; font-family: arial, helvetica, sans serif; background-color: #ffffff"></TD>
<TD><INPUT TYPE=IMAGE SRC="../images/next.gif" WIDTH="24" HEIGHT="24" ALT=" Login " BORDER=0></TD>
</TR>
</FORM>
</TABLE>
</TD>
</TR>
</TABLE>
<FONT STYLE="font-size: 8pt; color: #ffffff; font-family: arial, helvetica, sans serif;"><BR>Not yet a member? Then please <a href="mailto:michael@murphyz.co.uk" STYLE="font-size: 8pt; color: #ffff99; font-family: arial, helvetica, sans serif; text-decoration: none">email us</a> for details.</FONT>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
EOM
}
exit;

Mxx

Originally posted by murphyz

My host has cgi enabled, but when I run my script it comes back with a message saying the host may not have enabled permissions in this directory, something I know is untrue as I am currently running other cgi scripts from the same place.


I think it is your host problem, not the script then~ :p
What was the exact error msg? :o

Afraid I can't remember the exact message, but I managed to get around it somewhat.

Originally I had the <<EOM; print command which produced an output page. I deleted this and instead used another comman line at the top called $errorLocation which directed the user back to the same page (basically a refresh) upon a false entry being made...and this works fine.

This leads me to believe that there was an error with the EOM command. I tried the same file in another host I have and it worked, with the exception of it ignoring the first character after the print <<EOM; command (so it actually typed onto the page !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> and ignored the first <. No amount of twiddling would fix it.

I would still like to establish why there was an error, but I'm not chasing for an answer at this stage.

Many thanks.

Mxx

Originally posted by murphyz


######################################################
## Use "HTTP 403 Response" to redirect to linkLocation ##
######################################################
print "Content-type: text/html\nLocation: $linkLocation\n\n";




I don't see anything wrong with it, but I doubt the above part of code would work... It should be:


print "Location: $linkLocation\n\n";


You don't need to print the text/html header since you are just redirecting the user to another page