but when your friend wants to edit it, adds ?mode=edit to the end of the URL:/path/to/the/message
which invokes the same program, but the param is detected, and now a form comes out with two fields: the original text in a textarea, and a place for a password. When this form is submitted, it'll be returned to the same CGI program, which can check the password against a crypt() password included in the program, and if a match, updates the file and shows the new result. Code looks something like this:/path/to/the/message?mode=edit
There. Whipped out quickly, so it might not fully work, but you can flesh out the details I hope.use CGI qw(:all); my $MESSAGE_LOCATION = "/path/to/file.txt"; my $CRYPTED_PASSWORD = "aaPwJ9XL9Y99E"; ## this is from print crypt("hello", "aa"), so "hello" is the password print header, start_html; if (my $new_text = param('text') and my $password = param('password')) + { ## update mode... is the password good? if (crypt($password, $CRYPTED_PASSWORD) eq $CRYPTED_PASSWORD) { open F, ">$MESSAGE_LOCATION" or die; print F $new_text; close F; print h1('updated!'), p('The message was updated!'); } } elsif (param('mode') eq 'edit') { ## secret mode open F, $MESSAGE_LOCATION or die; my $message = join '', <F>; close F; print h1('edit the message'); print start_form; print textarea('text', $message); print 'password: ', password_field('password'); print submit('update'); print end_form; } ## always display the result: open F, $MESSAGE_LOCATION or die; my $message = join '', <F>; close F; print h1('Welcome to our info page'); print h2("Today's top tip:"), escapeHTML($message); print end_html;
-- Randal L. Schwartz, Perl hacker
Be sure to read my standard disclaimer if this is a reply.
In reply to •Re: Beginner CGI programming, authentication
by merlyn
in thread Beginner CGI programming, authentication
by mkahn
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |