Need some suggestions...

[tviman]

Hi all!

I'm working on a site that uses a lot of perl scripts to render various web pages. My client wants his visitors, who have already set up accounts, to always enter the site through a login page. If a user adds a particular page to his "favorites" list and tries to enter the site, we want to redirect them back to the login page.

My client is adamant about not using cookies. I've toyed with the idea of making some sort of "secret code" and passing it along to each of the pages as the user surfs the site but that seems rather crude. And they use a commercial ISP so I'm pretty much limited to what I can do using perl.

Have any of you done something like this? I'd greatly appreciate any ideas you all may have.

Thanking all in advance!!! There's always a better way...

 

[diodotus]

There are a number of ways to do this.

I'll suggest a cheap and easy version:
Use a _single_ frame, and load each page into that single frame. If they bookmark it, they'll bookmark the first page they found on your site, because they will still be at that same URL. Just be sure to include <noframes> code, for those of us who use text-based browsers.

A little more complicated:
Create only one URL on your server -- a perl script which has access to an offline directory containing all of your &quot;real&quot; pages. If the script is called without a particular we'll call it &quot;page_sought&quot; variable set, it will automatically load the index.html file from the directory; if the &quot;page_sought&quot; variable is set, it loads that page. But each &quot;link&quot; should instead be a single-button form that sends the directory path to the file you want loaded as a hidden &quot;page_sought&quot; variable. Warning -- make sure that your program doesn't allow &quot;..&quot; or &quot;/&quot; in the variable name -- you don't want your CGI script to become a hacker's tool to read any file that your http server can read.

I hope that this helps!
-- Scott David Gray
reply-to: sgray@sudval.org

http://www.unseelie.org

 

[iggit]

#Add ?username=$ENV{&quot;REMOTE_USER&quot;} to each script call or
#Add ?username=$field{'username'} to each script call
#to pass the logged in username from script to script
#OR
#Place as first executable routine in each script
#Read the username upon login using
$username = $ENV{&quot;REMOTE_USER&quot;};
#then
#remember you have to keep that field active and populated
#set each script to look for $username to be a value
if ($field{'username'} eq &quot;&quot{ #or $input{'username'} et.at.
print qq~
<html>
<HEAD>
<META HTTP-EQUIV=&quot;refresh&quot; content=&quot;0;URL=http://[your page url]&quot;>
</HEAD>
<body>
</body>
</html>
~;
exit;
}
if ($username eq &quot;&quot{
print qq~
<html>
<HEAD>
<META HTTP-EQUIV=&quot;refresh&quot; content=&quot;0;URL=http://[your page url]&quot;>
</HEAD>
<body>
</body>
</html>
~;
exit;
}
#this wil capture the log in and if it has an active
#username in the ENV it will not force the page to load
#the main site page but without one it will

good luck