CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
Search Posts SEARCH
Who's Online WHO'S
Log in LOG

Home: Perl Programming Help: Beginner:
password verification problem



Mar 8, 2000, 4:49 AM

Post #1 of 3 (1644 views)
password verification problem Can't Post

dear all,

i wanted to do something like this via a cgi-script.

a user who have a user account on the server, enters his login namd and password and then if his password matches the password in the system file i.e. passwd or shadow file, he is given furthur access.

everything else is working fine, just how do i get this password check. anyone any idea ?

please help.


Mar 8, 2000, 6:37 AM

Post #2 of 3 (1644 views)
Re: password verification problem [In reply to] Can't Post

If you want to find out a the entry for a user's password in a the system's /etc/passwd file, use the getpwnam() function:

<BLOCKQUOTE><font size="1" face="Arial,Helvetica,sans serif">code:</font><HR>

@data = getpwnam($username);
# or, to specifically get the password
$password = (getpwnam($username))[1];

Note: passwords are encrypted and cannot be decrypted. This is A Good Thing.

The documentation on the crypt() function tells you how to check if a guess at the password is the right guess.

I think I'll get to work on an article for The Learning Center on how to interact with system password files, and how to properly use crypt(), etc.

Red Dragon

Mar 8, 2000, 1:59 PM

Post #3 of 3 (1644 views)
Re: password verification problem [In reply to] Can't Post

If you wish to compare the submitted password and the password on file after you have retrieved the password on file you can:

<BLOCKQUOTE><font size="1" face="Arial,Helvetica,sans serif">code:</font><HR>

if(crypt($FORM{'pass'},substr($password,0,2)) eq $password)
code for a match;
code for an error;
$FORM{'password'} being the variable representing the submited password and $password being the encrypted password retrieved from the password file

Red Dragon


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives