extended login with database
git-svn-id: http://yolanda.mister-muffin.de/svn@12 7eef14d0-6ed0-489d-bf55-20463b2d70db
This commit is contained in:
parent
e03d8a1e20
commit
56d32a0ade
2 changed files with 45 additions and 8 deletions
|
@ -2,7 +2,11 @@ to get a database execute the following mysql statements:
|
||||||
|
|
||||||
create database gnutube;
|
create database gnutube;
|
||||||
use gnutube;
|
use gnutube;
|
||||||
create table tagcloud (text char(255) not null, count int not null);
|
create table tagcloud (text varchar(255) not null, count int not null);
|
||||||
|
|
||||||
fill with some data:
|
fill with some data:
|
||||||
eg.: insert into tagcloud values ('web tv', 68);
|
eg.: insert into tagcloud values ('web tv', 68);
|
||||||
|
|
||||||
|
create table users (id int auto_increment not null, username varchar(255) not null, password char(41) not null, primary key (id));
|
||||||
|
|
||||||
|
insert into users (username, password) values ('user', password('pass'));
|
||||||
|
|
|
@ -1,8 +1,5 @@
|
||||||
require "/var/www/perl/include.pl";
|
require "/var/www/perl/include.pl";
|
||||||
|
|
||||||
CGI::Session->name($session_name);
|
|
||||||
my $session = new CGI::Session;
|
|
||||||
|
|
||||||
#fill %querystring with everything that was passed via GET
|
#fill %querystring with everything that was passed via GET
|
||||||
@parts = split( /\&/, $ENV{ "QUERY_STRING" } );
|
@parts = split( /\&/, $ENV{ "QUERY_STRING" } );
|
||||||
foreach $part (@parts) {
|
foreach $part (@parts) {
|
||||||
|
@ -10,17 +7,53 @@ foreach $part (@parts) {
|
||||||
$queryString{ $name } = $value;
|
$queryString{ $name } = $value;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#fill %querystring with everything that was passed via POST
|
||||||
|
read( STDIN, $tmpStr, $ENV{ "CONTENT_LENGTH" } );
|
||||||
|
@parts = split( /\&/, $tmpStr );
|
||||||
|
foreach $part (@parts) {
|
||||||
|
( $name, $value ) = split( /\=/, $part );
|
||||||
|
$queryString{ $name } = $value;
|
||||||
|
}
|
||||||
|
|
||||||
|
CGI::Session->name($session_name);
|
||||||
|
my $session = new CGI::Session;
|
||||||
|
|
||||||
if($queryString{ "action" }) {
|
if($queryString{ "action" }) {
|
||||||
if($queryString{ "action" } eq "login") {
|
if($queryString{ "action" } eq "login") {
|
||||||
|
$dbh = DBI->connect("DBI:mysql:$database:$host", $user, $pass);
|
||||||
|
my $sth = $dbh->prepare(qq{select username from users
|
||||||
|
where password = password('$queryString{ "pass" }')
|
||||||
|
and username = '$queryString{ "user" }'
|
||||||
|
limit 1 });
|
||||||
|
$sth->execute();
|
||||||
|
|
||||||
|
if($sth->fetchrow_array()) {
|
||||||
$session->param('auth', 'true');
|
$session->param('auth', 'true');
|
||||||
print $session->header();
|
print $session->header();
|
||||||
print "logged in";
|
print "logged in";
|
||||||
|
} else {
|
||||||
|
print $session->header();
|
||||||
|
print $queryString{ "action" };
|
||||||
|
}
|
||||||
|
|
||||||
|
$sth->finish();
|
||||||
|
$dbh->disconnect();
|
||||||
|
|
||||||
} elsif($queryString{ "action" } eq "logout") {
|
} elsif($queryString{ "action" } eq "logout") {
|
||||||
$session->param('auth', 'false');
|
$session->param('auth', 'false');
|
||||||
print $session->header();
|
print $session->header();
|
||||||
print "logged out";
|
print "logged out";
|
||||||
|
} else {
|
||||||
|
print $session->header();
|
||||||
|
print "wtf?";
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
print $session->header();
|
print $session->header();
|
||||||
print "incorrect query string";
|
print '<form action="" method="POST"><p>
|
||||||
|
<input name="action" type="hidden" value="login">
|
||||||
|
<input name="user" type="text" size="30" maxlength="30">
|
||||||
|
<input name="pass" type="password" size="30" maxlength="30">
|
||||||
|
<input type="submit" name="login" value=" login ">
|
||||||
|
</p></form>';
|
||||||
|
print STDIN;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue