cgi form action

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Ohhh great ones, I am trying to learn a little cgi, and have found Ovid's lessons: http://users.easystreet.com/ovid/cgi_course/lesson_four/lesson_four_1.html

I am most curious about this:

#!C:/perl/bin/perl.exe -wT
use strict;
use CGI qw/:standard/;

print header,
      start_html( "-title" => "Login in Weird Sports"),
      div( { -align => "center",
             -style => "color:#000000; font-family: Tahoma, helvetica,
+ arial;"},
        h1( "Login to your account" ),
        p( "Here you can log in to the Weird Sports mailing list archi
+ves. " .
           "In theory, you will be able to change your user settings. 
+In reality, " .
           "however, you can't because this is just an example from a 
+" .
           a( { -href => "http://www.easystreet.com/~ovid/cgi_course/"
+ },
                "stupid CGI programming course" ), "." ),
        start_form( { -action  => "login.cgi",
                      -enctype => "application/x-www-form-urlencoded",
                      -method  => "post" } ),
        table( { -bgcolor     => "#000000",
                 -border      => "0",
                 -cellpadding => "2",
                 -cellspacing => "1",
                 -style       => "font: 10pt;" },
          Tr( { -style => "background-color:#CCCCCC" },
            td( strong( "User Name:" ) ),
            td( input( { -maxlength => "30",
                         -name      => "username",
                         -size      => "30",
                         -type      => "text"} )
            ) # end td
          ), # end Tr
          Tr( { -style => "background-color:#CCCCCC"},
            td( strong( "Password:" ) ),
            td( input( { -maxlength => "30",
                         -name      => "password",
                         -size      => "30",
                         -type      => "password"} )
            ) # end td
          ), # end Tr
          Tr(
            td( { -colspan => "2",
                  -style   => "background-color:#CCCCCC" },
                input ( { -name => "remember",
                          -type => "checkbox"} ),
                " Remember my ID on this computer. ",
            ) # end td
          ), # end Tr
        ), # End table
        p( input( { -type  => "submit",
                    -value => "Login"} ),
           " ",
           input( { -type  => "reset"} ),
        ), # end p
        end_form,
      ), # End div
      end_html;
[download]

When a user clicks on "login", how would one authenticate this? Does this information pass to another cgi? (and if so, how). Does Ovid contend 'this' script is named login.cgi? I understand that it was beyond the scope of his lesson, but I just want to learn ... and I hear you can help ;-)

thanks, me

Comment on cgi form action Download Code

Replies are listed 'Best First'.
Re: cgi form action by esskar (Deacon) on Feb 27, 2004 at 21:57 UTC
well, if the user clicks on "login", the data in the form will be send using a HTTP POST to a script called login.cgi. the rest (athentication) is then up to the login.cgi script.	[reply]
Re: Re: cgi form action by Anonymous Monk on Feb 27, 2004 at 22:00 UTC
Thanks esskar, Another stupid question (since it just isn't clicking) ... how does login.cgi receive this information, via the URL: http://<wherever>/cgi-bin/login.cgi?username=<whatever>+password=<whatever> or does is this away from the browser, login.cgi is called (like a shell out), or have I just missed the boat? I'm sorry I'm being so stupid with this, it doesn't seem hard, but I just don't grasp it. thanks, me	[reply]
Re: Re: Re: cgi form action by kutsu (Priest) on Feb 27, 2004 at 22:20 UTC
There are two methods of sending data GET and POST. Your sample script is using POST (change that word to GET and you'll see the difference). GET sends data like this: `http://www.foobar.com/cgi-bin/scriptname.cgi?param1=something&param2=s +omething....` [download] "Cogito cogito ergo cogito sum - I think that I think, therefore I think that I am." Ambrose Bierce	[reply] [d/l]
Re: cgi form action by kutsu (Priest) on Feb 27, 2004 at 22:15 UTC
`start_form( { -action => "login.cgi",` this (form tag) causes login.cgi to run, where login.cgi is depends on the way your server is setup. `td( input( { -maxlength => "30", -name => "password", -size => "30", -type => "password"} )` [download] this (input tag) sends a string 30 char or less in length to login.cgi called password (-name)...-type "password" just means it will show *** when trying to type it in not that it will be encrypted. Same thing with username. Ovid covers how to get and deal with these parameters pretty well in his course, as for authenticating them: look at security faq and question 13 for more links "Cogito cogito ergo cogito sum - I think that I think, therefore I think that I am." Ambrose Bierce	[reply] [d/l] [select]