From 8459903fa0ab8e61a9a373ef74c2e6c3963b7c78 Mon Sep 17 00:00:00 2001 From: cos Date: Sun, 19 Jun 2016 20:24:32 +0200 Subject: Implement login via web. --- cgi-bin/mat.cgi | 37 ++++++++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 7 deletions(-) (limited to 'cgi-bin/mat.cgi') diff --git a/cgi-bin/mat.cgi b/cgi-bin/mat.cgi index 52239d5..d8845f7 100755 --- a/cgi-bin/mat.cgi +++ b/cgi-bin/mat.cgi @@ -14,6 +14,7 @@ my $q = new CGI::Simple; my $id = $q->param('id'); my $action = $q->param('action'); my $storage = $q->param('storage'); +my $password = $q->param('password'); my $session = CGI::Session->new(undef, undef, {Directory => $Config{'session_directory'}}); @@ -85,29 +86,51 @@ sub cmd_relocate($$) cmd_view($id); } +sub cmd_login($) +{ + my ( $password ) = @_; + + if ( $password and ($password eq $Config{'password'} )) { + $session->param('authenticated', "yes"); + print "welcome."; + } else { + print "
\n"; + print "\n"; + print "\n"; + print "
\n"; + } +} + ### MAIN PROGRAM ############################################################## misconfigured unless ($Config{'database'}); misconfigured unless $session; -invalid_input unless ($id and $action); +invalid_input unless $action; + +if ($action eq "view") { + invalid_input unless ($id and $id =~ m/^[0-9]+$/); +} elsif ($action eq "relocate") { + invalid_input unless (($id =~ m/^[0-9]+$/) and ($storage =~ /^[a-z0-9]*$/)); +} elsif ($action eq "login") { +} else { + invalid_input; +} -invalid_input unless (($id =~ m/^[0-9]+$/) - and ($action =~ m/^view|relocate$/) and ($storage =~ /^[a-z0-9]*$/)); send_cookie; for ($action) { if (/^view$/) { cmd_view($id); - } - elsif (/^relocate$/) { + } elsif (/^relocate$/) { if ($session->param('authenticated') eq "yes") { $session->expire("5y"); cmd_relocate($id, $storage); } else { unauthorized(); } - } - else { + } elsif (/^login$/) { + cmd_login($password); + } else { invalid_input; } } -- cgit v1.2.3