##
#!/usr/bin/perl
use warnings;
use strict;
use CGI::Carp 'fatalsToBrowser';
use CGI qw/:standard/;
use Digest::MD5 qw(md5_hex);
use CGI::Cookie;
use DBI;
####################
# Configuration section
####################
my $dbase = "spyders_test";
my $mysql_user = "spyders_admin";
my $mysql_pass = "pass";
####################
# Do NOT edit below this line
####################
######
# Connecting to our database
######
my $dbh = DBI->connect("DBI:mysql:$dbase", $mysql_user, $mysql_pass) or
print DBI=>"errstr";
#######
# Check to see if they have a login cookie
#######
my %cookies = fetch CGI::Cookie;
if (defined($cookies{'user_id'}))
{
print header, start_html("Login");
print "You are already logged in. Please wait while you're redirected...";
print "\n";
exit;
}
#######
# The form was submitted, let's process it
#######
if (param())
{
my $username = param("username");
my $password = param("password");
$password = md5_hex($password);
my $data = qq(SELECT * FROM admin WHERE username = "$username" AND password = "$password");
my $sth = $dbh->prepare($data);
$sth->execute() or die $dbh->errstr;
if ($sth->rows < 1)
{
print header, start_html("Authentication Failed");
print "User was $username: password was $password";
print "Your username or password were incorrect.
Please click Back to continue
";
exit;
}
else
{
while ($data = $sth->fetchrow_hashref)
{
my $auth_user = new CGI::Cookie(-name => 'user_id', -value => $username);
my $auth_pass = new CGI::Cookie(-name => 'user_pass', -value => $password);
print "Set-Cookie: $auth_user\n";
print "Set-Cookie: $auth_pass\n";
print header, start_html("Login");
print "Welcome " . $username . ", you have successfully logged in.\n";
print "\n";
}
}
}
####
User was admin: password was 1a1dc91c907325c69271ddf0c944bc72
Your username or password were incorrect.
Please click Back to continue