Re: Re: A way to get the User in a variable from htpasswd?

Even better,

use CGI;
my $cgi = CGI->new();
my $username = $cgi->remote_user();
[download]

Update: From CGI.pm:

sub remote_user {
    return $ENV{'REMOTE_USER'};
}
[download]

Heh, not a lot of difference in practice. But, hey, encouraging more people to use CGI is a good thing, right?

Comment on Re: Re: A way to get the User in a variable from htpasswd? Select or Download Code

Replies are listed 'Best First'.
Re: Re: Re: A way to get the User in a variable from htpasswd? by mpolo (Chaplain) on May 10, 2001 at 22:12 UTC
Obviously every CGI program should 'use CGI', but why is it better to get the remote user out of the CGI query? Unless it's because of tainting... I know that %ENV is considered tainted until/unless you `delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};` Is the remote_user() that you get out of CGI automatically untainted?	[reply] [d/l]
(tye)Re: A way to get the User in a variable from htpasswd? by tye (Sage) on May 11, 2001 at 02:05 UTC
No, it isn't because of tainting because fairly recent CGI.pm defines: `sub remote_user { return $ENV{'REMOTE_USER'}; }` [download] I advocate using CGI.pm's remote_user() because if, for example, a "broken" web server becomes popular that puts this information into $ENV{AUTHEN_USER} and not $ENV{REMOTE_USER}, then CGI.pm is likely to get updated to take this into consideration and you won't have to fix all of the places you used $ENV{REMOTE_USER} directly (nor waste time discovering the bug in your new server), etc. - tye (but my friends call me "Tye")	[reply] [d/l]