dcsimg
www.webdeveloper.com
Results 1 to 12 of 12

Thread: Registration and Passwords

  1. #1
    Join Date
    Dec 2002
    Posts
    2

    Question Registration and Passwords

    Ive been workin on a webgame where i would like anybody to be able to go to my site register an account, and start using it immidiately.

    i dont know how to set it up so that other people can make thier own passwords, and store it on the servery my site is on without me having to give them a password every time.

    if anyone can help me out with some info on how to get it set up to run automatically, i would appreciate it.

    BTW: the site has tons of useful info for any net junkey. thanks for the help i have already recieved.

  2. #2
    Join Date
    Nov 2002
    Location
    NY, USA
    Posts
    731
    If your building an online game is it safe to assume that you already know and are using a server-side language? If so, which language are you using?

    Otherwise the best I can tell you is to check The CGI Resource Index for what you're looking for.

  3. #3
    Join Date
    Dec 2002
    Posts
    2
    Thanks for the link. i seem to have found what i was looking for, not to mention a fue other things i havent thougth of.

    DZ

  4. #4
    Join Date
    Dec 2002
    Location
    goldsboro,nc
    Posts
    3

    registration script

    there are some cgi and php scripts that can setup for registration with autogenerated passwords.
    Some that I know of are:
    libweb.sf.net
    postnuke

  5. #5
    Join Date
    Dec 2002
    Location
    New England
    Posts
    15
    The eaisiest way, if you haven't found one already, then i would suggest a flat-file database:

    username:password
    username1:password1
    username2:password2

    Then you can just go through them and check it:

    open(DAT,"file.txt");
    while(<DAT>){
    ($username,$password) = split(/:/);
    }
    close DAT;

    Thats how you can check them. To add to it you can just simply do an append:


    open(DAT,">>file.txt");
    print DAT "$username:$password\n";
    close DAT;

    And you've added a new record.
    You may want to get the username and password from the querysting, if you use CGI.pm:

    use CGI;
    $query = new CGI;
    $username = $query->param('username');
    $password = $query->param('password');

    And let them submit it from a form.

  6. #6
    Join Date
    Nov 2002
    Location
    NY, USA
    Posts
    731
    Craiga
    username:password
    username1:password1
    username2:password2
    You probably should choose delimiters other than : and \n that won't appear in the user's typed input.

    Craiga
    open(DAT,"file.txt");
    while(<DAT>){
    ($username,$password) = split(/:/);
    }
    close DAT;
    You should always check the return value of open. You also need to lock the file, otherwise it becomes more and more likely your data will become corrupted the more often it is called. You will also have a newline appended to every password.

    Craiga
    open(DAT,">>file.txt");
    print DAT "$username:$password\n";
    close DAT;
    Again, _must_ lock the file.

    $^W = 1;
    use strict;

    use CGI;
    use Fcntl qw{:flock :seek};

    sub UNIT_SEPARATOR() &nbsp; { "\x1f" }
    sub RECORD_SEPARATOR() { "\x1e" }

    my %user;

    # read from flat file db
    open DAT, '+>>file.txt' or die $!;
    seek DAT, 0, SEEK_SET &nbsp; or die $!;
    flock DAT, LOCK_SH &nbsp; &nbsp; &nbsp;or die $!;
    { local $/ = RECORD_SEPARATOR;
    &nbsp; while (<DAT>) {
    &nbsp; &nbsp; chomp;
    &nbsp; &nbsp; my( $user, $pass ) = split(UNIT_SEPARATOR);
    &nbsp; &nbsp; $user{$user} = $pass;
    &nbsp; }
    }
    close DAT or warn $!;

    # get new user/pass
    my $cgi = new CGI;
    if ( defined $cgi->param('user') ) {
    &nbsp; my( $user, $pass ) = ( $cgi->param('user'), $cgi->param('pass') );
    &nbsp; $$_ =~ tr/\x1e\x1f//d for \$user, \$pass;
    &nbsp; $user{$user} = $pass;
    }

    # write to flat file db
    open DAT, '>>file.txt' or die $!;
    seek DAT, 0, SEEK_SET &nbsp;or die $!;
    flock DAT, LOCK_EX &nbsp; &nbsp; or die $!;
    truncate DAT, 0 &nbsp; &nbsp; &nbsp; &nbsp;or die $!;
    { local $\ = RECORD_SEPARATOR;
    &nbsp; print DAT $_ . UNIT_SEPARATOR . $user{$_} for keys(%user);
    }
    close DAT or warn $!;
    Last edited by jeffmott; 12-30-2002 at 04:13 PM.

  7. #7
    Join Date
    Dec 2002
    Location
    New England
    Posts
    15
    Yea i was just throwing together a quick example

  8. #8
    Join Date
    Jan 2003
    Posts
    7

    Next Level?

    I'm new to the CGI/ Perl world and I was under the impression that the simple TXT file for password checking is a minimum level of security.

    How would go about offering a higher level of security, but still remaining within the CGI/ Perl world?

    For example, could you hide the username/ passwords in another file or a more secure location.

  9. #9
    Join Date
    Dec 2002
    Location
    New England
    Posts
    15
    You could encrypt the username and passwords or just the passwords.

  10. #10
    Join Date
    Jan 2003
    Posts
    7

    Could you elaborate?

    Mostly just for curiousity sake, but I would guess the encryption/ decryption logic would be somewhere in my cgi source. So using encryption would just be giving somebody another hoop to jump through to get to my data?

    Maybe were just at the low end of security here, just making incremental steps towards some ultimate secure thing if there is such.

  11. #11
    Join Date
    Nov 2002
    Location
    NY, USA
    Posts
    731
    Jay5
    using encryption would just be giving somebody another hoop to jump through
    But the CGI source is not available to users of the site. The only thing they would be able to access is the encrypted data, which does them no good (assuming you've used an adaquately strong encryption scheme).

  12. #12
    Join Date
    Jan 2003
    Posts
    7

    Ah.....

    Yea I'm still a little green here. I forgot that. My thinking or train of mind is that everybody is seeing my CGI source and I realize this may not be true. That last repy, created a spark.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles