Cookies not working properly CGI program 1

[kre1973]

I have the following two cgi scripts below, one is for logging into the website as an admin.

The problem I'm having is that my: umzadmin.cgi script makes me login twice before I can use the website. I think my cookie setup is wrong.
Could you please review the scripts and see where I'm going wrong??

My umzinput.cgi script below:

#!/opt/perl/bin/perl

use strict;
use CGI qw/:standard/;
use CGI::Carp qw(fatalsToBrowser);

my $scriptPath = "/cgi-bin/dailyops/bin/umzinput.cgi"; #path to cgi-script.
my $mainTable = "/nmlprod/dailyops/rpts/tmp/umzinput.csv"; #name of master table list
if (!param()){
    &Startup(); #No params were passed, go to index page.
}#endif
elsif (param()){
    &Main(); #Params were passed, start your engines.
}#end elsif
else {
    error("Neither param or !param was sent, WTF: $!");
}#end else

sub Startup {
}#end &Startup

sub Main {
SWITCH: {
   &SortForm(param('Sort')), last SWITCH if param('Sort');
   &AddTaskForm(), last SWITCH if param('Add_Task');
     
}#end SWITCH
exit;
}#end &Main

sub SortForm {
my $sortType = $_[0];
if (defined $sortType){
my $sortCookie = cookie (    -name => "CO_TODO_COOKIE",
                -value => "$sortType",
                -expires => "+1y");
print header(-cookie => [$sortCookie]);

}
else {
print header;
}

my $i = 0;
my @filerecs;
my $tableNam;
my $tableNum;
my $fieldSep;
my @columnheaders;
my $cookie = cookie( -name => "COCS_TODO" );
my $cookiestatus;
if (!defined($ENV{HTTP_COOKIE})) { $cookiestatus ="NOPE";}else{$cookiestatus = $ENV{HTTP_COOKIE};}
if (!defined $cookie){
print << "EOF";

<font color=black><A HREF="umzadmin.cgi">Admin Login</A></font>
 
<BR>
EOF
}
else {
print << "EOF";
<A HREF="umzinput.cgi?Add_Task=Y">Add an UMZ</A>
EOF
}
print << "EOF";
<CENTER>
<TABLE BORDER=1 width="100%">
<TD WIDTH="5%"><FONT SIZE =2><B><A HREF="umzinput.cgi?Sort=UMZ_ID">UMZ ID#</A></B></FONT></TD>
<TD WIDTH="5%"><FONT SIZE =2><B><A HREF="umzinput.cgi?Sort=Server_Name">Server Name</A></B></FONT></TD>
<TD WIDTH="21%" bgcolor="cyan" align=center><FONT SIZE =3><B>Pre-MVS</B></FONT></TD>
<TD WIDTH="21%" bgcolor="cyan" align=center><FONT SIZE =3><B>Pre-C/S</B></FONT></TD>
<TD WIDTH="21%" bgcolor="cyan" align=center><FONT SIZE =3><B>Post-MVS</B></FONT></TD>
<TD WIDTH="21%" bgcolor="cyan" align=center><FONT SIZE =3><B>Post-C/S</B></FONT></TD>
<TD WIDTH="5%"><FONT SIZE =2><B><A HREF="umzinput.cgi?Sort=UMZTYPE">Server Type</A></B></FONT></TD>
</TR>
EOF

open (TABLENAM, "$mainTable") || error("Error: $!");
while (<TABLENAM>){
$filerecs[$i++] = $_;
} #end while (<TABLENAM>)
my @sorted_recs = sort SpecificSort @filerecs;
    
# write sorted array to standard output
foreach my $line (@sorted_recs) {
my @rows = split(/\^/, $line);
print "<TR>";
if (defined $cookie) {
print << "EOF";
<TD>
   <CENTER>
        <FONT SIZE=2>
        <A HREF="umzinput.cgi?UMZ_ID=$rows[0]">$rows[0]</A>
        </FONT>
   </CENTER>
</TD>
EOF
}
else {
print << "EOF";
<TD>
   <CENTER>
        <FONT SIZE=2>
        $rows[0]
        </FONT>
   </CENTER>
</TD>
EOF
}
for (my $i = 1; $i < 7; $i++){
print << "EOF";
<TD bgcolor="lightgrey">
   <CENTER>
        <FONT SIZE=2><B>
        $rows[$i]&nbsp;
       </B></FONT>
   </CENTER>
</TD>
EOF
}#end for loop
}
print << "EOF";
</TABLE>
</CENTER>
EOF
close TABLENAM;
exit;
}#end &SortForm

sub AddTaskForm {
##Add Task form code
}

My umzadmin.cgi script below:

#!/opt/perl/bin/perl
use CGI qw/:standard/;

my $filepath="umzadmin.txt";
my %userNames;
open (FILE, "$filepath") or die("Error opening file: $!");
while (<FILE>){
 my @userarray = split /\:/,$_;
chomp $userarray[1];
$userNames{$userarray[0]} = $userarray[1];
}
close FILE;
if (!param()){
    &loginScreen();
}#end if
else{
   my $remote = param('username');
   my $remote_pw = param('password');
   my $count = 0;
   foreach $key (keys %userNames){
      my $value = $userNames{$key};
      if ($key ne $remote) {next;}
      elsif ($value ne $remote_pw){
    &loginScreen("Password Incorrect<BR>");
        } #end elsif
      else {
    my $cookie = cookie(     -name => "COCS_TODO",
                -value => "granted",
                -expires => "+30m");
    print << "EOF";
Set-Cookie: $cookie
Location: [URL unfurl="true"]http://ihot1.nml.com/cgi-bin/dailyops/bin/umzinput.cgi[/URL]

EOF
      } #end else
   }#end foreach
   &loginScreen("User name not found<BR>");
} #end else

sub loginScreen {
my $error;
if (!$_[0]) {$error = " "} else {$error = $_[0]}
print header;
print << "EOF";
<HTML><TITLE>RunSheet Admin Login</TITLE>
<BODY>
<CENTER>
<H1>Login Screen</H1><BR>
$error
<FORM METHOD=post ACTION="umzadmin.cgi">
<INPUT NAME="username"><BR>
<INPUT TYPE=PASSWORD NAME="password"><BR>
<INPUT TYPE=submit value="Login"><INPUT TYPE=RESET>
</FORM>
</CENTER>
</BODY>
</HTML>
EOF
exit;
}

Thanks

 

[Kirsle]

So, you post this in the Perl forum, and they tell you to move to the CGI forum. You did that. They told you not to just post your entire code, but to do some debugging on your own. You didn't. You posted the whole code again, but with code tags this time.

I skimmed over your code real quick, and it seems that you are setting a cookie first, and then trying to check the cookie later, in the same script.

You can't do that. In one go, the server sends cookie headers and your browser saves them. Then it needs to make a second request and send its cookies back to the server.

So you can't set a cookie and print the headers and stuff, and then try to get cookies back from the client, all in one request. What you could do is to set a variable saying "okay, the cookies were sent, all is good" and have the rest of the script go based on that.

Then, the first script sets the cookies and tells itself that it did a good job with that. When the user clicks a link to access another cookie-checking CGI, they will then send their cookies, and it will know all is well too.

 

[Kirsle]

I think I should also add a little quote in here:

"25% of CGI is knowledge of the server"

You have to know how the HTTP protocol works, with sending headers especially (as that's how cookies are passed back and forth), since a good portion of CGI scripting depends on you knowing this stuff.

 

[kre1973]

Kirsle, thanks for all your help in resolving my problem in setting my cookie first and then trying to check it. This gave me some insight as to where the problem was in my code.

By the way I didn't post my entire code from the Perl forum to the CGI forum, I deleted over a third of the code before posting to this forum...

I was doing some debugging on my own, but I was getting nowhere that's why I decided to post the problem to TekTips..