Problems? Is your data what you think it is? | |
PerlMonks |
Re^4: Can't override CGI parametersby ido50 (Scribe) |
on Jun 12, 2004 at 12:18 UTC ( [id://363591]=note: print w/replies, xml ) | Need Help?? |
Okay so $ENV{GATEWAY_INTERFACE} holds CGI/1.1 so it's not mod_perl. Anyway, I'll be a little bit more specific: Since my program is under developement, I'm the only one testing it right now. At first, I've logged in with a certain user account. Then I've logged out and tried to login with another user account. When logging in (After submitting the login form), the program loads the user given by $q->param('username') and checks if $q->param('password') equals the loaded user's password. When trying to login with another accout, I get the message that the password was incorrect, though I knew that the password submitted was correct, so I added a print statement to see the loaded password that the program was trying to match (Just in case you're wandering, I used Digest::MD5 so I see the digested password). What I saw was that $q->param('password') holds the password I've just entered in the form, but $q->param('username') ignores the username I've just entered in the form and keeps the old one, so the password do not match. Very strange. For example, let's say that there are two users: 1. username - 'admin', password - 'pass'. 2. username - 'test', password - 'hello'. I login with the first one. All is well. I logout, and fill the login form again, this time, with the info of the 2nd user. I enter 'test' and 'hello', but the program tries to match 'hello' with 'pass'. If I enter 'test' with 'pass', it will succeed and login to the program with 'admin' instead of 'test'. Maybe the problem is with the logout process... The logout process simply deletes the cookie (That holds the session ID) and that's it... ------------------------- Live fat, die young
In Section
Seekers of Perl Wisdom
|
|