I know of the existance of Apache::Htpasswd, which can manage .htpasswd files for Apache servers, but that's not really what I'm looking for.
On a site I'm developing, a user must authenticate him or herself with Apache's basic authentication (.htaccess and .htpasswd). What I'm looking to do is to retrieve the user name the user just logged in with (for use in a personalised greeting). Short of storing a session-long cookie, is there any other way of doing this in Perl?
Damn... when I saw this topic, I was just gonna pop in here and say "use Apache::Htpasswd" and be done with it.
Do an %ENV dump... I'm pretty sure that the basic auth string will be somewhere in there. Decode the string using MIME::Base64 to get the username and password.
Hey, I'm glad I found this topic, probably one of you guys could help me.
I'm loging into a restricted folder using htpasswd/htaccess. Now I access a simple Guestbook, where I want the Username I just use to log in be written in a field (which is part of a cgi-file).
Eventually it would be great to do it like that: If the htpasswd username is 4 example: "ms2" then it should display in the textfield the Username "Max Smith". Some kina If... then.
Then I could disable the textfield so the user can post only by his real name, according to the htpasswd username he just used.
I'm quite a newbie in that so please explain so that I will understand
Main question would be where would the real name be stored; the .htaccess file ins't meant to be a database of any kind; the way i'd do it is make it php based, then have a small mysql database containing usernames/passwords/real names (you could do flat file too i guess); then you can have it 'if username = jd then realname = John Doe'
That's untested but I think it could work. Note that if it's a type=text, the user can still change the value, but the default one would be from the %names variable.
But then they can still modify it by going to the code... You can give them a 12-char session id, so that they'll have almost no way to change it to another true one. Create a sessions.cgi file in the directory, have a randomly-generated id such as "Fr5g4Dds9aG", in the file have "Fr5g4Dds9aG" => "Max Smith", and then add to the HTML: input type="hidden" name="session" value="Fr5g4Dds9aG".
I just added a 0nfocus="this.blur()" within the textfield, thats enough for my purposes... The guestbook is just for about 30 people, no one with a good cgi-knowledge and surely not intending to manipulate those variables... so I don't think I'll have to do further scripting
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.
