Passwords

One of the interesting properties of CGI scripts is that, even though any user can execute them, there is no way to display them on the screen.  

e-mail me if you know differently. This means a password script can be as simple as this:

#********BEGIN BODY**************

if ($value[0] ne "mypassword") {
  print "Invalid Password";
} else {
print '

<BODY BGCOLOR="WHITE">

<H1> Welcome, you have entered the<P>
Password protected site </H1>

';
};

#*********END BODY***************

To use this script, you will need to create an HTML page with a form on it. If the password is the only box in the form, it will be passed to $value[0] when it runs this script.

Unlike JavaScript, the user cannot see this source code, so it is safe to use an IF statement at the top of the code.

if ($value[0] ne "mypassword") {

The first line is an IF statement, similar to the one used in JavaScript (and every other programming language).

In Perl, the IF statement is different, depending on whether you are comparing numbers or text.
To compare numbers, you use the ==, !=, >, < signs.

==    is equal to (for numbers)
!=    is not equal to (for numbers)
>    is greater than
>=    is greater than or equal to
<    is less than
<=    is less than or equal to

If you are comparing text, you use the letters eq to test if two values are equal, and ne to test if they are not equal.

eq    is equal to (for text)
ne    is not equal to (for text)
 
The statement above will perform whatever follows it if the user's text is NOT equal to "mypassword."

I chose to write it this way because it gets the smaller set of commands out of the way first.  Then I can write
an ELSE statement, and create an entire page, followed by a close brace } at the end.

You have to print SOMETHING, or else you will get a "document contains no data" error.  If you want to be nice, you could include a link back to the password page so they user can try again.

Since we asked if the user entry DOES NOT equal "mypassword", it stands to reason that the commands following an ELSE statement will only be executed if the user enttry DOES equal "mypassword.  Whatever follows is only executed to users that typed in the correct password.

<BODY BGCOLOR="WHITE">

<H1> Welcome, you have entered the<P>
Password protected site </H1>

';

Once again we are taking advantage of Perl's ability to include carriage returns in quotes.  The text displayed here is only 1 statement.  It takes place over many lines, but it does not end until the close quotation mark, and the semicolon.   Notice that I used SINGLE QUOTES here, not double quotes.  Single quotes take everything literally, so there is no need to use a backslash to escape out of double quotes, semicolons, @ symbols, $ signs etc.  Compare these two statements:

$myfruit = "apples";
print "I love \nto eat $myfruit";
>  I love
>  to eat apples
 

print 'I love \nto eat $myfruit';
>  I love \nto eat $myfruit

The double quotes are much smarter than the single quotes.  They interpreted the \n character into a newline.  The double quotes also replaced the text $myfruit with the contents of the variable.  The single quotes simply displayed the text as it was typed.  This is easier
for displaying an HTML page, because if the web page contains any special characters, the double quotes would try to interpret them.

You can always force the double quotes to ignore a special character by preceding it with a backslash \ character.  We COULD have written the print statement this way.

print "I love \\n to eat \$myfruit";
>  I love \n to eat $myfruit

IN SUMMARY: Use the single quotes when you are sure you will not want Perl to substitute any special characters.  Use double quotes to allow Perl to insert variables and newlines and such.

HTML Form | Guestbook Form | Hit Counters