pop up to capture user and password

Hello,

I am currently knee deep in a cgi program intended to query the user
for their username and password
and then logging in to an aplication with a http;/IP/login?
MyId=12345&username=bert&password=xxxx

Have successfully called from a program an URL IPadress/cgi-bin/
myprog.cgi?MyId=12345
myprog.cgi has been invoked and unwebified the input thus:
#!/usr/bin/perl
# Get the input
$buffer = $ENV{'QUERY_STRING'};
@pairs = split(/&/, $buffer);
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
# Un-Webify plus signs and %-encoding
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$name =~ tr/+/ /;
$name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}

So could someone please help me with what to do next?
It is rather urgent, in a fit of enthusiasm promised it for today
without having a proper knowledge...

TIA

J

Re: pop up to capture user and password

burrell.john@yahoo.com wrote:
>
> #!/usr/bin/perl
> # Get the input
> $buffer = $ENV{'QUERY_STRING'};
> @pairs = split(/&/, $buffer);
> foreach $pair (@pairs)
> {
> ($name, $value) = split(/=/, $pair);
> # Un-Webify plus signs and %-encoding
> $value =~ tr/+/ /;
> $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
> $name =~ tr/+/ /;
> $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
> $FORM{$name} = $value;
> }


Ick! Don't do that - it's not only ugly code but prone to errors.
Use the CGI module that comes with Perl.

Also, get used to using the 'strict' and 'warnings' pragmas - it
will make your code better.

#!/usr/bin/perl
use strict;
use warnings;
use CGI ':standard';

my $id = param( 'MyId' );
# ... etc

Type `perldoc CGI` for the details.

Re: pop up to capture user and password

On 18 Jan, 14:20, Dave Weaver wrote:
> burrell.j...@yahoo.com wrote:

> Ick! Don't do that - it's not only ugly code but prone to errors.
> Use the CGI module that comes with Perl.
>
> Also, get used to using the 'strict' and =A0'warnings' pragmas - it
> will make your code better.
>
> =A0#!/usr/bin/perl
> =A0use strict;
> =A0use warnings;
> =A0use CGI ':standard';
>
> =A0my $id =3D param( 'MyId' );
> =A0# ... etc
>
> Type `perldoc CGI` for the details.- Hide quoted text -
Thanks - Good advice! Read the fine Perldoc!
Got a few lines of good code!
What I want to do now is MD5 hash the password and invoke another URL
in a new window passing in MyId, User and secret.
Can you please tell me the next step??

#!/usr/bin/perl
use strict;
use warnings;
use CGI ':standard';
my $MyId =3D param( 'MyId' );
print header,
start_html('Enter Logon Details'),
h1('Enter Logon Details'),
h1($LinkId),
start_form,
"What's your name? ",textfield('user'),p,
"What's your password? ",password_field('secret','',50,80);
submit,
end_form,
hr;

Re: pop up to capture user and password

burrell.john@yahoo.com wrote:
[...]
> What I want to do now is MD5 hash the password and invoke another URL
> in a new window passing in MyId, User and secret.
> Can you please tell me the next step??

Actually, what you want to do now is some research. There are MD5
modules available (http://search.cpan.org/search?query=md5&mode=all)
and plenty of documentation, books, and articles on CGI. Use your
favorite Internet search engine to help find them and after you've
learned what to do and have specific questions or problems, then
post your code and your questions.

Re: pop up to capture user and password

On 18 Jan, 17:26, "J. Gleixner"
wrote:
> burrell.j...@yahoo.com wrote:
>
> [...]
>
> > What I want to do now is MD5 hash the password and invoke another URL
> > in a new window passing in MyId, User and secret.
> > Can you please tell me the next step??
>
> Actually, what you want to do now is some research. =A0There are MD5
> modules available (http://search.cpan.org/search?query=3Dmd5&mode=3Dall)
> and plenty of documentation, books, and articles on CGI. =A0Use your
> favorite Internet search engine to help find them and after you've
> learned what to do and have specific questions or problems, then
> post your code and your questions.

Thanks for that! I now have the following code:
#!/usr/bin/perl
use strict;
use warnings;
use CGI ':standard';
use Digest::MD5 qw(md5_hex);
my $LinkId =3D param( 'MyId' );
print header,
start_html('Enter Louis Logon Details'),
h1('Enter Louis Logon Details`'),
h1($MyId),
start_form,
"What's your name? ",textfield('name'),p,
"What's your password? ",textfield('password'),p,
submit,
end_form,
hr;

Actually I think I need to pass the 3 values $MyId, $Name and
$password like so:
http://IP/cgi-bin/nextProg.cgi?MyId=3D123&Name=3Dfred&passwo rd=3Dsecret
So I need to work some magic with submit.

Mr Google seems silent on how to do this.
If you help me I will be a happy man - and so will my boss and a
number of other people...

Re: pop up to capture user and password

burrell.john@yahoo.com wrote:
[...]
> Actually I think I need to pass the 3 values $MyId, $Name and
> $password like so:
> http://IP/cgi-bin/nextProg.cgi?MyId=123&Name=fred&password=s ecret
> So I need to work some magic with submit.

Not with submit. See redirect() in perldoc CGI. To muddy the
waters further, you could also look at CGI::Auth which allows
MD5 as an option.

>
> Mr Google seems silent on how to do this.

Really? Then you asked Mr. Google the wrong question.
Maybe you should spend more than 5-minutes with Mr. Google
and start with a CGI tutorial.

> If you help me I will be a happy man - and so will my boss and a
> number of other people...

Sorry, your boss doesn't pay me enough to do your work for you.

Re: pop up to capture user and password

On 18 Jan, 19:53, "J. Gleixner"
wrote:
> burrell.j...@yahoo.com wrote:
>
> [...]
>
> > Actually I think I need to pass the 3 values $MyId, $Name and
> > $password like so:
> >http://IP/cgi-bin/nextProg.cgi?MyId=3D123&Name=3Dfred&passw ord=3Dsecret
> > So I need to work some magic with submit.
>
> Not with submit. See redirect() in perldoc CGI.
Ta. Will do.
To muddy the
> waters further, you could also look at CGI::Auth which allows
> MD5 as an option.
Sounds good will do..
>
>
>
> > Mr Google seems silent on how to do this.
>
> Really? =A0Then you asked Mr. Google the wrong question.
> Maybe you should spend more than 5-minutes with Mr. Google
> and start with a CGI tutorial.
Actually I think I needed to know about the -sction parameter examples
of which are a bit scarce in tutorials..
>
> > If you help me I will be a happy man - and so will my boss and a
> > number of other people...
>
> Sorry, your boss doesn't pay me enough to do your work for you.
No worries - thanks for your help