in reply to Re: Re: Re: Cookie not getting stores
in thread Cookie not getting stores

This is in reply to your newest post, I can't seem to reply to it as it's below my current viewable thread or something.

I tried setting the cookie as another scalar like you requested, but it hasn't done anything. Maybe I am confused as to what I'm supposed to be doing with it. I set the cookie as another scalar, but then am I supposed to compare it within the password verification section (if ( $adminpass eq $adminpassword ) {)?

I'm sorry, I'm just really clueless and I've never understood cookies or how they work or anything..and I HAVE read tutorials and the CGI docs on them. This is just one concept I don't think I'll ever be able to understand :(

My current code: 
my $adminpassword = "test";
my %cookie;
my $pass = cookie('cookie');

require SDBM_File;


my %mail;

my $person = url_param('lookup');


if ( !exists $cookie{'pass'} ) {
    if ( param() ) {
        my $adminpass = param('admin');

        if ( $adminpass eq $adminpassword ) {
            my $cookiename = cookie(
                -name    => 'cookie',
                -value   => 'loggedin',
                -path    => '/',
                -expires => '+3y'
            );
        
        print header, start_html();

        # print rest of page here
        print "you are logged in";

##### database value lookup
if ($person) {
if (exists $mail{$person}) {
my $lookup_data = $mail{$person};
print "$lookup_data";
} else {
print "<h3><font color=red>Error:</font></h3> This user doesn't exist"
+;
}
}
else{

foreach (keys %snailmail) {
print <<"END";
<a href="www.myscript.com/login.pl?lookup=$_" target="_new">$_</a><br>
END
}


}
        }

        else {
            print header, start_html();

            print "Incorrect password, please click back and try again
+";
            exit;
        }
    }
    else {
        print header, start_html();

        print start_form(),
          table(
            Tr(
                td("Admin Password: "),
                td(
                    textfield(
                        -name => 'admin',
                        -size => 10
                    )
                )
            ),
            Tr( td(), td(submit) ),
          ),
          end_form(), hr();
    }
}

[download]

Replies are listed 'Best First'.
Re: Re: Re: Re: Re: Cookie not getting stores
by chromatic (Archbishop) on Dec 26, 2003 at 07:43 UTC

    Something like this might work for you:

    my $pass = cookie('cookie');

# if there was a cookie named 'pass'
if ( defined $pass)
{
    # if the password in the cookie matches the admin password
    if ($pass eq $adminpass)
    {
        # do administrative stuff
    }
}
# there's no cookie, so check for a 'pass' parameter
else
{
    $pass = param( 'pass' );
    if ($pass eq $adminpass)
    {
        # set admin cookie
        # make sure the name is 'pass' so you can retrieve it
        # redirect to the current script
    }
}

    [download]

    You might also look in the examples shipped with CGI.pm. cookies.cgi and customize.cgi are pretty good.

    Again, simply declaring a hash named %cookie does absolutely nothing to retrieve a cookie. This seems to be the source of your confusion. You could call your hash %not_a_cookie or %magic_php_variable and it would do nothing, since Perl does not care what you name your variables. It does not automatically fill in values for you. You have to retrieve a cookie by name and check its value against the value you have.

    Earlier versions of PHP did automagically create variables named after CGI variables, but it's been deprecated and not recommended for quite a while. I'm not aware that any Perl module ever did that -- it opens up a lot of security risks and can cause scary action at a distance.

[reply]
[d/l]
[select]
      Where in that example you provided would you print the login form to set the possible cookies? I see you are doing pretty much two things: 1) printing the administrative page and 2) setting the cookie. But the cookie has to come from a form somewhere.

      I would really like to thank you for making the rest of my programing days more than a million times easier to manage and debug. I looked over your code countless times and have taken to heart how you layout your script.

      For example, I always wrote things like: 

      if ($pass eq $admin pass) {
  if (defineded $this) {
}

      [download]
      Which got really confusing having the trailing { on the end of the line. This made it so much more difficult to find which brackets went with which and caused so many 'missing right curly bracket' warnings in the past.

      Your method, which I'm using from now on: 

      if ($pass eq $adminpass)
{
  #print do everything here
  if (defined this)
    {
      #other things would go here
    } #nice closing bracket, you can see where they line up
}     #still matches the first bracket since it doesn't get attached t
+o the end of the line

      [download]
      If nothing else, thank you for displaying that code. It really is much better than what I've been doing and will save loads of time in each script that I write.


      "Age is nothing more than an inaccurate number bestowed upon us at birth as just another means for others to judge and classify us"

      sulfericacid
[reply]
[d/l]
[select]

        I'd write out the logic in pseudocode (or function names) beforehand, just to make it easier to figure out the logical flow:

        display_login_form()  unless logged_in();
display_admin_view()  if     is_admin();
display_normal_view();

sub logged_in
{
    # check for a cookie
    # check for a 'pass' parameter if there's no cookie
    # create a cookie if there's a 'pass' parameter but no 
    #    cookie already
    # return true if either one is valid
}

sub display_login_form
{
    # print a form that asks for the 'pass' parameter
    # exit;
}

sub is_admin
{
    # check if the given password matches the admin password
}

sub display_admin_view
{
    # show the administrative view
}

sub display_normal_view
{
    # show the normal view
}

        [download]

        I switched to curly braces on the new line after working with Ovid. They take up a bit more space on the screen, but that's a good impetus to keep my subroutines short.

[reply]
[d/l]

In Section Seekers of Perl Wisdom