#1
  1. No Profile Picture
    chinnavi
    Guest
    Devshed Newbie (0 - 499 posts)
    hai
    i have one problem with my CGI Script !.
    I have a Login Form that will ask users the login and password AND clicking on Submit button ...
    Now i wrote the validation script that will check for login and password correct and throw other htmls...
    The problem is , after clicking the button i can see what is the form contents , there everybody could able to see the the URL like this .... http://192.168.0.10/cgi-bin/cgi2.cgi...line&section=a
    i wanna erase passwd section to be not viewable ... How can i do this ....?


    vijay
  2. #2
  3. No Profile Picture
    freebsd
    Guest
    Devshed Newbie (0 - 499 posts)
    >>i wanna erase passwd section to be not viewable ... How can i do this ....?

    Use POST method instead.
  4. #3
  5. No Profile Picture
    ledjon
    Guest
    Devshed Newbie (0 - 499 posts)
    Make sure you have your cgi script setup to parse the POST info rather than the GET info (which is what you have right now). Or you could have it parse both.
  6. #4
  7. No Profile Picture
    chinnavi
    Guest
    Devshed Newbie (0 - 499 posts)
    hai
    thanks all for your valuable suggestion ..

    i dont know to parse the GET and POST info
    --->
    Make sure you have your cgi script setup to parse the POST info rather than the GET info
    --->

    Can you please tell mer how to parse the POST
    or GET info?


    vijay
  8. #5
  9. No Profile Picture
    ledjon
    Guest
    Devshed Newbie (0 - 499 posts)
    <BLOCKQUOTE><font size="1" face="Verdana,Arial,Helvetica">code:</font><HR><pre>
    ####
    &sub parse_data;

    sub parse_data {
    ####Post Data
    read(STDIN, $namevalues, $ENV{'CONTENT_LENGTH'});
    @namevalues = split(/&/, $namevalues);
    foreach $namevalue (@namevalues) {
    ($name, $value) = split(/=/, $namevalue);
    $name =~ tr/+/ /;
    $value =~ tr/+/ /;
    $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $INPUT{$name} = $value;
    }
    ####Get Data
    $temp=$ENV{'QUERY_STRING'};
    @pairs=split(/&/,$temp);
    foreach $item(@pairs) {
    ($name,$value)=split (/=/,$item,2);
    $value=~tr/+/ /;
    $value=~ s/%(..)/pack("c",hex($1))/ge;
    $request{$name}=$value;
    }
    }#End Sub
    ####
    [/code]

    let's say you have a for with: <input type="text" name="asdf">

    if you use the get method (put 'method="GET"'
    in the <form> tag) the $request{asdf} would be that sting. If you use the POST method $INPUT{asdf} would hold the data.

IMN logo majestic logo threadwatch logo seochat tools logo