Alright, I'm pretty sure I have a typo or s simple misunderstanding, but I can't see it at the moment and would appreciate the monks input.

I'm following Ovid's tutorial and I've been paraphrasing the code as I go along. Following his lead, but not always using the same style and have been doing well so far... that is until I reached about the 80% mark of lesson five on digesting the password file.

The issue I'm having is the digested password from the file doesn't match the one I'm generating from form data. I've included 1)the string that I'm generating on the command line and inserting into the config file, 2) The config file contents, 3) the print out from the web page which includes the password from the form, the generated digest, the digest read from the file and the salt read from the file and 4) the source code:

1) the digest created on the command line

ruth# perl -MDigest::MD5=md5_base64 -e 'print md5_base64("submij","#f%
+w#$g0?")'
NlAxyO72B/aVIBYf1eOBFw

[download]

2) The contents of the config file

{
  salt => '#f%w#$g0?',
  users => '/usr/local/httpd/data/users/'
}

[download]

3) the print out from the web page which includes the password from the form, the generated digest, the digest read from the file and the salt read from the file

>submij::uElfm86fvqS1TDQlO6vlPA::NlAxyO72B/aVIBYf1eOBFw::#f%w#$g0?

[download]

4) the source code

#!/usr/bin/perl
use strict;

use CGI::Pretty qw(:standard);
use Digest::MD5 qw(md5_based64);

use constant USER_DATA => '/usr/local/httpd/data/users/';
use constant ERR_MSG => 'Your username and password information did no
+t match.
#!/usr/bin/perl
use strict;

use CGI::Pretty qw(:standard);
use Digest::MD5 qw(md5_based64);

use constant CONF => '/usr/local/httpd/data/users/';
use constant ERR_MSG => 'Your username and password information did no
+t match.
Check to see that you do not have Caps Lock on, hit the back button, a
+nd try
again.';

my $config = do(CONFIG}'

#!/usr/bin/perl
use strict;

use CGI::Pretty qw(:standard);
use Digest::MD5 qw(md5_base64);
use CGI::Carp   qw(fatalsToBrowser);

use constant CONF => '/usr/local/httpd/data/users/';
use constant ERR_MSG => 'Your username and password information did no
+t match.
Check to see that you do not have Caps Lock on, hit the back button, a
+nd try aga
in.';

my $config = do(CONF);

my $_username = param( 'username' ) || '';
my $_password = param( 'password' ) || '';
my $_remember = param( 'remember' ) || '';
my ($username) = ($_username =~ /(\w+)/);
my ($password) = ($_password =~ /(\w+)/);
my ($remember) = ($_remember =~ /(\w+)/);
use CGI::Carp   qw(fatalsToBrowser);

use constant CONF => '/usr/local/httpd/data/users/';
use constant ERR_MSG => 'Your username and password information did no
+t match.
Check to see that you do not have Caps Lock on, hit the back button, a
+nd try aga
in.';

my $config = do(CONF);

my $_username = param( 'username' ) || '';
#!/usr/bin/perl
use strict;

use CGI::Pretty qw(:standard);
use Digest::MD5 qw(md5_base64);
use CGI::Carp   qw(fatalsToBrowser);

use constant CONF => '/usr/local/httpd/data/conf/test.conf';
use constant ERR_MSG => 'Your username and password information did no
+t match.
Check to see that you do not have Caps Lock on, hit the back button, a
+nd try aga
in.';

my $config = do(CONF);

my $_username = param( 'username' ) || '';
my $_password = param( 'password' ) || '';
my $_remember = param( 'remember' ) || '';
my ($username) = ($_username =~ /(\w+)/);
my ($password) = ($_password =~ /(\w+)/);
my ($remember) = ($_remember =~ /(\w+)/);

# the rest of the program goes here.

my $userfile = $config->{ users } . $username;
my $message = ERR_MSG;
$message = $config->{users} . $username;
open (USER, "< $userfile") or display_page($userfile . $username), exi
+t;
chomp (my ( $real_password, $sessionID, $remember) = <USER>);
close USER;

my $digest = md5_base64($password,$config->{salt});
if ($digest eq $real_password)
{
  $message = "Hello, $username. You gave me a good password";
}

display_page('>'.$password . '::' .$digest. '::'.$real_password . '::'
+ .$config-
>{salt});
exit;

sub display_page
{
  my $message = shift;
  print header, start_html, p($message). end_html;
}

[download]


>submij::uElfm86fvqS1TDQlO6vlPA::NlAxyO72B/aVIBYf1eOBFw::#f%w#$g0?

[download]

UPDATE: olus is apparently correct, I came up with a bad seed... that is the $g0 subset its undef and was dropping out causing me to have different salts, with out knowing it. Changing the salt fixed the issue. Hopefully, some monkey somewhere has written Shakespear :)

Thanks to all for your input!

--Jimbus aka Jim Babcock
Wireless Data Engineer and Geek Wannabe
jim-dot-babcock-at-usa-dot-com

Edit: g0n - readmore tags

In reply to md5_base issue by jimbus

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.