OSSP CVS Repository

Check-in Number:	2121
Date:	2002-May-07 16:30:56 (local) 2002-May-07 14:30:56 (UTC)
User:	ps
Branch:
Comment:	Appended password checking
Tickets:
Inspections:
Files:	ossp-pkg/tabea/tabea.cgi      1.6 -> 1.7     30 inserted, 3 deleted

---

ossp-pkg/tabea/tabea.cgi 1.6 -> 1.7

--- tabea.cgi 2002/05/07 12:58:21 1.6 +++ tabea.cgi 2002/05/07 14:30:56 1.7 @@ -35,6 +35,8 @@ $|++; +my $pwdfile = "./tabea.pw"; + # establish my configuration my $MY = {}; $MY->{PROGNAME} = ($0 =~ m|^.*?([^/]+?)(?:\.[^/.]+)?$|)[0]; @@ -82,10 +84,35 @@ } } +######################################################################################## sub validpassword { +######################################################################################## my ($username, $password) = @_; - return ""; + + my $returnvalue = 0; + my $uname; + my $pwd; + my $pwdin; + + $pwdin = IO::File->new("<$pwdfile"); + if(defined $pwdin) { + while(<$pwdin>) { + $_ =~ s|^(\w+):(\w+)$|{$uname=$1; $pwd=$2}|eg; + ( $uname =~ $username ) && do { # check the password + print "Checking password : "; + if (crypt($password, $pwd) eq $pwd){ + $returnvalue = 1; + } + } + } + } + + $pwdin->close(); + + return $returnvalue; } +######################################################################################## + my $page = ''; @@ -126,14 +153,14 @@ } elsif ($form eq 'login') { # enter Select form - # &validpassword($username, $password) || print STDOUT $cgi->redirect(-uri => $cgi->url(-full => 1), -type => "text/html"); + &validpassword($username, $password, $pwdfile) || print STDOUT $cgi->redirect(-uri => $cgi->url(-full => 1), -type => "text/html"); $page .= "Dialog: ".$cgi->param("dialog") ."<br>\n"; $page .= "Username: ".$cgi->param("username") ."<br>\n"; $page .= "Password: ".$cgi->param("password") ."<br>\n"; } elsif ($form eq 'select') { # enter Edit form - &validpassword($username, $password) || print STDOUT $cgi->redirect(-uri => $cgi->url(-full => 1), -type => "text/html"); + &validpassword($username, $password, $pwdfile) || print STDOUT $cgi->redirect(-uri => $cgi->url(-full => 1), -type => "text/html"); } else { die "invalid form \"$form\"";