pop up to capture user and password

[burrell.john]

Hello,

I am currently knee deep in a cgi program intended to query the user
for their username and password
and then logging in to an aplication with a http;/IP/login?
MyId=12345&username=bert&password=xxxx

Have successfully called from a program an URL IPadress/cgi-bin/
myprog.cgi?MyId=12345
myprog.cgi has been invoked and unwebified the input thus:
#!/usr/bin/perl
# Get the input
$buffer = $ENV{'QUERY_STRING'};
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
# Un-Webify plus signs and %-encoding
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}

So could someone please help me with what to do next?
It is rather urgent, in a fit of enthusiasm promised it for today
without having a proper knowledge...

TIA

J

 

[Dave Weaver]

#!/usr/bin/perl
# Get the input
$buffer = $ENV{'QUERY_STRING'};
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
# Un-Webify plus signs and %-encoding
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}

Ick! Don't do that - it's not only ugly code but prone to errors.
Use the CGI module that comes with Perl.

Also, get used to using the 'strict' and 'warnings' pragmas - it
will make your code better.

#!/usr/bin/perl
use strict;
use warnings;
use CGI ':standard';

my $id = param( 'MyId' );
# ... etc

Type `perldoc CGI` for the details.

 

[burrell.john]

(e-mail address removed) <[email protected]> wrote:

Ick! Don't do that - it's not only ugly code but prone to errors.
Use the CGI module that comes with Perl.

Also, get used to using the 'strict' and  'warnings' pragmas - it
will make your code better.

 #!/usr/bin/perl
 use strict;
 use warnings;
 use CGI ':standard';

 my $id = param( 'MyId' );
 # ... etc

Type `perldoc CGI` for the details.- Hide quoted text -

Thanks - Good advice! Read the fine Perldoc!
Got a few lines of good code!
What I want to do now is MD5 hash the password and invoke another URL
in a new window passing in MyId, User and secret.
Can you please tell me the next step??

#!/usr/bin/perl
use strict;
use warnings;
use CGI ':standard';
my $MyId = param( 'MyId' );
print header,
start_html('Enter Logon Details'),
h1('Enter Logon Details'),
h1($LinkId),
start_form,
"What's your name? ",textfield('user'),p,
"What's your password? ",password_field('secret','',50,80);
submit,
end_form,
hr;

 

[J. Gleixner]

What I want to do now is MD5 hash the password and invoke another URL
in a new window passing in MyId, User and secret.
Can you please tell me the next step??

Actually, what you want to do now is some research. There are MD5
modules available (http://search.cpan.org/search?query=md5&mode=all)
and plenty of documentation, books, and articles on CGI. Use your
favorite Internet search engine to help find them and after you've
learned what to do and have specific questions or problems, then
post your code and your questions.

 

[burrell.john]

(e-mail address removed) wrote:

[...]

What I want to do now is MD5 hash the password and invoke another URL
in a new window passing in MyId, User and secret.
Can you please tell me the next step??

Actually, what you want to do now is some research.  There are MD5
modules available (http://search.cpan.org/search?query=md5&mode=all)
and plenty of documentation, books, and articles on CGI.  Use your
favorite Internet search engine to help find them and after you've
learned what to do and have specific questions or problems, then
post your code and your questions.

Thanks for that! I now have the following code:
#!/usr/bin/perl
use strict;
use warnings;
use CGI ':standard';
use Digest::MD5 qw(md5_hex);
my $LinkId = param( 'MyId' );
print header,
start_html('Enter Louis Logon Details'),
h1('Enter Louis Logon Details`'),
h1($MyId),
start_form,
"What's your name? ",textfield('name'),p,
"What's your password? ",textfield('password'),p,
submit,
end_form,
hr;

Actually I think I need to pass the 3 values $MyId, $Name and
$password like so:
http://IP/cgi-bin/nextProg.cgi?MyId=123&Name=fred&password=secret
So I need to work some magic with submit.

Mr Google seems silent on how to do this.
If you help me I will be a happy man - and so will my boss and a
number of other people...

 

[J. Gleixner]

Actually I think I need to pass the 3 values $MyId, $Name and
$password like so:
http://IP/cgi-bin/nextProg.cgi?MyId=123&Name=fred&password=secret
So I need to work some magic with submit.

Not with submit. See redirect() in perldoc CGI. To muddy the
waters further, you could also look at CGI::Auth which allows
MD5 as an option.

Mr Google seems silent on how to do this.

Really? Then you asked Mr. Google the wrong question.
Maybe you should spend more than 5-minutes with Mr. Google
and start with a CGI tutorial.

If you help me I will be a happy man - and so will my boss and a
number of other people...

Sorry, your boss doesn't pay me enough to do your work for you.

 

[burrell.john]

(e-mail address removed) wrote:

[...]

Actually I think I need to pass the 3 values $MyId, $Name and
$password like so:
http://IP/cgi-bin/nextProg.cgi?MyId=123&Name=fred&password=secret
So I need to work some magic with submit.

Not with submit. See redirect() in perldoc CGI.

Ta. Will do.
To muddy the

waters further, you could also look at CGI::Auth which allows
MD5 as an option. Sounds good will do..




Really?  Then you asked Mr. Google the wrong question.
Maybe you should spend more than 5-minutes with Mr. Google
and start with a CGI tutorial.

Actually I think I needed to know about the -sction parameter examples
of which are a bit scarce in tutorials..

Sorry, your boss doesn't pay me enough to do your work for you.

No worries - thanks for your help