So it prints a username, password, and regtype (regtype tells whether they're a member or not). So then I have the following code on pages that I only want members to see:sub write_cookies { print "Set-Cookie: reguser=$username; expires=$expires; path=/;\n" +; print "Set-Cookie: regpass=$password; expires=$expires; path=/;\n" +; print "Set-Cookie: regtype=$regtype; expires=$expires; path=/;\n"; }
This works if I only use this script. The scripts checks the database and only let's people in that are registered, and presents a login screen to others. My problem is that I'm also running an online photo album software that sets a 4th entry into my cookie. In IE, my code still works but in Firefox I can only get it to work by changing the 3 to a 4 in this line in the javascript:<script language=javascript> { var the_cookie = document.cookie; var the_cookie = unescape(the_cookie); var broken_cookie = the_cookie.split("="); var the_regtype = broken_cookie[3]; if (the_regtype != 'member') { window.location="http://www.domain.com/cgi-bin/login.pl?logout +=yes"; } } </script>
changes to:var the_regtype = broken_cookie[3];
If I change the 3 to a 4, it works in Firefox but not in IE. Is there a way around this? Is this a Firefox bug? If I delete the photo script's cookie my script works fine. Any insight would be appreciated.var the_regtype = broken_cookie[4];
On another note. How secure is this type of security? If people can login once, view the source of my HTML and get the javascript code, could they conceivably build their own cookie to get around my script? Thanks. Tom
Considered by acid06: mark as off-topic
Unconsidered by GrandFather: keep 11, edit 13 votes indecisive;
In reply to Perl and Cookies by htmanning
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |