Re: .htpasswd Hacks - Paypal IPN with Password Management

Replies are listed 'Best First'.
Re^2: .htpasswd Hacks - Paypal IPN with Password Management by teacherguy (Initiate) on Aug 13, 2007 at 14:11 UTC
Hello, I've tried to modify some of the modules in paypal.pl (not yet tested in Sandbox): sub file_open { my $open_file = shift; my $open_str = shift; # open the file if (!open(FILE, "$open_str$open_file")) { error_notify("Unable to access: $open_file - $!\n", "open file", 1, +1); } # lock access to this file if (!flock(FILE, 2)) { error_notify("Unable to get lock on file: $open_file\n", "open file" +, 1, 1); } if (!seek(FILE, 0, 0)) { error_notify("Unable to seek to the start of the file: $open_file\n" +, "open file", 1, 1); } } sub file_close { my $close_file = shift; # unlock the file if (!flock(FILE, 8)) { error_notify("Unable to unlock file: $close_file\n", "close file", 1 +, 1); } if (!close(FILE)) { error_notify("Unable to close: $close_file - $!\n", "close file", 0, + 0); } } sub find_login { my $new = shift; my $login; my $password; my $remainder; # for each line, break into parts while(<FILE>) { chop; ($login, $password, $remainder) = split(/:/, $_, 3); if ($login eq $new) { return 1; } } return undef; } sub find_txn { my $new_txn = shift; # look for this txn id while(<FILE>) { if (/^$new_txn/) { return 1; } } return undef; } sub add_user { my $login = shift; my $password = shift; my $accnt = shift; # Aug. 6, 2007 change my $txn = shift; file_open($PASSWORD_FILE, "+<"); # check to see if this user already exists if (find_login($login)) { error_notify("Username: $login already exists", "add user", 0, 1); } else { # seek to the end of the file if (!seek(FILE, 0, 2)) { error_notify("Unable to seek to the end of the file: $PASSWORD_FILE +\n", "add user", 1, 1); } # add the necessary line print FILE "$login\:$password\:$accnt\n"; # REMOVE start ------------------------------------------- # hack to write paid usernames and non-encrypted passwords to a simp +le text file that will be used # to populate mysql USERS table file_open($USERS_FILE, "+<"); print FILE2 "$login\:$password\:$accnt\n"; file_close($USERS_FILE); # end of hack # REMOVE end Aug. 6 , 2007 ---------------------------------------- +--- } file_close($PASSWORD_FILE); [download] I need the script to keep track of type of membership (ex. gold, silver, bronze). I'd like to write username, password and accnt fields to a flat file without encryption so I can integrate with a mysql table : USERS. The other alternative is to write a funky Perl script to read contents of .htpasswd file. I understand that encryption of the password (salt : crypt or "whatever") will be the main obstacle. The big issue is the "work around" to make my php/mysql website work with Paypal IPN script that using Perl and sdome Apache server conventions.	[reply] [d/l]

Replies are listed 'Best First'.

Re^2: .htpasswd Hacks - Paypal IPN with Password Management
by teacherguy (Initiate) on Aug 13, 2007 at 14:11 UTC


sub file_open {
 my $open_file = shift;
 my $open_str = shift;
 
 # open the file
 if (!open(FILE, "$open_str$open_file")) {
  error_notify("Unable to access: $open_file - $!\n", "open file", 1, 
+1);
 }
 
 # lock access to this file
 if (!flock(FILE, 2)) {
  error_notify("Unable to get lock on file: $open_file\n", "open file"
+, 1, 1);
 }
 if (!seek(FILE, 0, 0)) {
  error_notify("Unable to seek to the start of the file: $open_file\n"
+, "open file", 1, 1);
 }
}
 
sub file_close {
 my $close_file = shift;
 
 # unlock the file
 if (!flock(FILE, 8)) {
  error_notify("Unable to unlock file: $close_file\n", "close file", 1
+, 1);
 }
 
 if (!close(FILE)) {
  error_notify("Unable to close: $close_file - $!\n", "close file", 0,
+ 0);
 }
}
 
sub find_login {
 my $new = shift;
 my $login;
 my $password;
 my $remainder;
 
 # for each line, break into parts
 while(<FILE>) {
  chop;
  ($login, $password, $remainder) = split(/:/, $_, 3);
  if ($login eq $new) {
   return 1;
  }
 }
 
 return undef;
}
 
sub find_txn {
 my $new_txn = shift;
 
 # look for this txn id
 while(<FILE>) {
  if (/^$new_txn/) {
   return 1;
  }
 }
 
 return undef;
}
 
sub add_user {
 my $login = shift;
 my $password = shift;
 my $accnt = shift;
 # Aug. 6, 2007 change
 my $txn = shift;
 

 file_open($PASSWORD_FILE, "+<");
 # check to see if this user already exists
 if (find_login($login)) {
  error_notify("Username: $login already exists", "add user", 0, 1);
 } else {
  # seek to the end of the file
  if (!seek(FILE, 0, 2)) {
   error_notify("Unable to seek to the end of the file: $PASSWORD_FILE
+\n", "add user", 1, 1);
  }
  # add the necessary line
  print FILE "$login\:$password\:$accnt\n";
  
  # REMOVE start -------------------------------------------
  # hack to write paid usernames and non-encrypted passwords to a simp
+le text file that will be used
  # to populate mysql USERS table
  file_open($USERS_FILE, "+<");
   print FILE2 "$login\:$password\:$accnt\n";
  file_close($USERS_FILE);
  # end of hack
   # REMOVE end Aug. 6 , 2007 ----------------------------------------
+---
 }
 file_close($PASSWORD_FILE);
[download]

[reply]
[d/l]