Record Password Protection
We see a lot of password protection working in our life. For example, after grading student's finals, some professors want to post the student's scores on the web. They need to find a way to let each student to only get his(her) own score but not others. In this case we can assign a password for each student (for example, last 4 digits of SSN). So the student can use the password to get his(her) score. Now let's see how we can achieve it.
HTML FORM
Here is the HTML FORM for this example:<form method=POST action="cgi-bin/password.pl"> Enter your Password: <INPUT NAME="password" TYPE="TEXT" SIZE="10" MAXLENGTH="20"> <INPUT TYPE="SUBMIT" VALUE="Submit"> <INPUT TYPE="RESET"> </form>
password.pl
The following is the Perl source code:(1)
#!/usr/local/bin/perl
########################################################################
# password.pl
# 11/26/97 by Zhanshou Yu
# Any comments please send to :
# zhanshou@hotmail.com
########################################################################
(2)
#Get the system date
$date=`/usr/bin/date`;
chop($date); #chop the last enter character
(3)
#Associate password with each data, password '1111' associate with data 86,etc.
%PASSWD=('1111','86',
'2222','55',
'3333','40',
'4444','100');
(4)
#get the input data from the form. Here I use POST method
read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'});
(5)
($name,$value)=split(/=/,$buffer); #split name=value to name value
$value=~tr/+/ /; #substitute plus sign with space sign
$value=~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; #decode hexdecimal to character
(6)
# print html header
print" Content-type:text/html\n\n";
$flag=0;
(7)
#Check the received password in our list or not, if in, retrieve the data.
foreach $item(keys%PASSWD)
{ if($item eq $value)
{
print "<title>Password Protection Retrieve Result</title>";
print "<center><h1> Password Protection Retrieve Result</h1> <center>";
print "<hr>";
print "<h4>Your retrieved data: <font color=#228b22>$PASSWD{$item}</font>.</h4>";
$flag=1;
last;
}
}
(8)
# Not a valid password, print the error message.
if($flag==0)
{
print "<title>Retrieve Error</title>";
print "<center><h1> Retrieve Error</h1>";
print "<hr>";
print "<h4> You enter the wrong password,get back and try again!</h4></center>";
}
exit;
Program Analysis
- (1) (2) Same as Online test example. Invoke the Perl interpreter and get the system date.
- (3) Put the data in the list and specify the password:
%PASSWD=('1111', '86', '2222', '55', '3333', '40', '4444', '100');This is the place where you put your data and password. In this example, we have four data: 86, 55, 40, 100, the passwords associated with them are 1111, 2222, 3333, 4444 respectively. You can add any number of data and password to the list. If you want to add more information, for example, if you want to add your name and SSN, you can define the associate array like this:%PASSWD=('1111', 'Name : Zhanshou Yu SSN : 222222222 Score : 86', '2222', 'Name : Jame SSN : 225355783 Score : 55', '3333', 'Name : Lisa SSN : 324567878 Score : 40', '4444', 'Name : Jeff SSN : 123456789 Score : 100'); - (4) Get the input string from the form.
- (5) Decode and parsing the input string.
- (6) Print the HTML header.
- (7)Verify the password:
foreach $item(keys%PASSWD) { if($item eq $value) { print "<title>Password Protection Retrieve Result</title>"; print "<center><h1> Password Protection Retrieve Result</h1> <center>"; print "<hr>"; print "<h4>Your retrieved data: <font color=#228b22>$PASSWD{$item}</font>.</h4>"; $flag=1; last; } }For each item in the %PASSWD list, check whether the password is equal to the password entered. If two matched, print out the data associate with the password and set the found flag $flag=1. Then exit the loop. - (8) If not found, print the error message:
if($flag==0) { print "<title>Retrieve Error</title>"; print "<center><h1> Retrieve Error</h1>"; print "<hr>"; print "<h4> You enter the wrong password,get back and try again!</h4></center>"; }
