Okay, going by allthingsfree's comments above, Ryan wants us to post and improve the code. So, here it is. I can get it to add users, and I can login, but that's about it. The cookie doesn't seem to set, and the "Lost Password" thing doesn't work for me. I use IE5.
In Reply To:
#!/usr/bin/perl
use CGI::Cookie;
use CGI();
use CGI::Carp qw/fatalsToBrowser/;
use CGI qw(:standard);
use DBI;
require "/home/allgamesfree/public_html/cgi-bin/games/admin/links.cfg";
require "$db_lib_path/db_utils.pl";
require "$db_lib_path/links.def";
require "/home/allgamesfree/public_html/cgi-bin/games/admin/Mailer.pm";
$build_use_templates ?
require "$db_lib_path/site_html_templates.pl" :
require "$db_lib_path/site_html.pl";
$|++;
$username = "username";
$password = "password";
$database = "dbname";
&main();
#BEGIN MAIN-------------------------------------------------------------------
sub main {
if (param('email')) {
&login();
} elsif (param('regemail')) {
Ūme();
} elsif ($gamestring) {
&display();
} elsif (param('delete')) {
&delete_id();
} elsif (param('add')) {
&add_id();
} elsif (param('modify')) {
&modify();
} elsif (param('newpass') or param('confirmnewpass') or param('newemail')) {
&modifyme();
} elsif (param('forgot')) {
&forgot();
} elsif (param('sendpassto')) {
&sendpassto();
} else {
&disp_login();
}
}
#END MAIN---------------------------------------------------------------------
#BEGIN DISPLAY----------------------------------------------------------------
sub display {
$sep = "WASEMAILNOWPASS";
print "Content-type: text/html\n\n";
@g2 = split(/x/, $gamestring);
foreach (@g2) {
last if ($_ eq "");
$OUT{'links'} .= &site_html_my_link (&get_record ($_));
}
&site_html_my_home ( { %OUT } );
print qq~
<SCRIPT language="JavaScript">
function SetCookie (name,value,expires,path,domain,secure) {
document.cookie = name + "=" + escape (value) +
((expires) ? "; expires=" + expires.toGMTString() : "") +
((path) ? "; path=" + path : "") +
((domain) ? "; domain=" + domain : "") +
((secure) ? "; secure" : "");
}
if(document.cookie) {
} else {
SetCookie ("mygames", "$email$sep$pass", null, "/");
}
</SCRIPT>
</body>
</html>
~;
$gamestring = "";
}
#END DISPLAY------------------------------------------------------------------
#BEGIN DISP_LOGIN-------------------------------------------------------------
sub disp_login {
if (param('add_id')) { $id = param('add_id'); }
&header();
print qq ~
<center><p>
<b>myGames</b>
<table width=500><tr><td><p align="justify">
As a myGames user, your favorite java and shockwave games are stored on allgamesfree.com. Login
from any computer and your favorite games will be listed on one easy-to-view page.
</td></tr></table><p>
<table><tr>
<td valign="top" width=250>
<b>current users: login</b><p align="justify">
Enter your email address and password to access myGames.
<form name="register" method="post" action="/mygames.cgi">
<input type="hidden" name="add_id" value="$id">
<table>
<tr><td>email:</td><td><input type="text" name="email" value="$email"></td></tr>
<tr><td>password: </td><td><input type="password" name="pass"></td></tr>
<tr><td colspan=2 align="right"><input type="submit" value="login"></td></tr>
</table>
</form>
$error
<p align="justify">
<a href=\"mygames.cgi?lost=password\">lost your password?</a>
</td>
<td>
</td><td valign="top" width=250>
<b>new users: register</b><p align="justify">
Registration only requires a valid email address. No other annoying forms to fill out!
<form name="register" method="post" action="/mygames.cgi">
<input type="hidden" name="add_id" value="$id">
<table>
<tr><td>email: </td><td><input type="text" name="regemail"></td></tr>
<tr><td colspan=2 align="right"><input type="submit" value="register"></td></tr>
</table>
</form>
$error2
<p align="justify">
A password will be emailed to you and is required for any logins beyond this first one.
</tr></table>
</center>
~;
&footer();
}
#END DISP_LOGIN---------------------------------------------------------------
#BEGIN BAD_PASS---------------------------------------------------------------
sub bad_pass {
$email = param('email');
$error = "<font color=\"red\"><b>incorrect password</b></font>";
&disp_login();
}
#END BAD_PASS-----------------------------------------------------------------
#BEGIN BAD_EMAIL--------------------------------------------------------------
sub bad_email {
$email = param('email');
$error = "<font color=\"red\"><b>$email
is not registered</b></font>";
$email = "";
&disp_login();
}
#END BAD_EMAIL----------------------------------------------------------------
#BEGIN REGME------------------------------------------------------------------
sub regme {
$regemail = param('regemail');
@pass = split(/\@/,$regemail);
srand;
$number = int(rand(100)) + 1;
$regpw = $pass[0] . $number;
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("SELECT email FROM users WHERE email = '$regemail'");
$sth -> execute();
@data = $sth->fetchrow_array;
if ($regemail eq $data[0]) {
$email = param('regemail');
$error2 = "<font color=\"red\"><b>$email
is already registered</b></font>";
$dbh->disconnect;
&disp_login();
} else {
$sth = $dbh->prepare("INSERT INTO users VALUES ('','$regemail','$regpw','')");
$sth -> execute();
$dbh->disconnect;
#begin mailing
$db_mail_path = "/usr/sbin/sendmail";
$from = "games\@allgamesfree.com";
$subject = "enjoy myGames";
$to = $regemail;
$msg = qq|
As a myGames user, your favorite java and shockwave games are
stored on allgamesfree.com. Login from any computer and your
favorite games will be listed on one easy-to-view page.
Use your email address and password \"$regpw\" to login.
If you don't like this password you can change it.
http://www.allgamesfree.com/mygames.cgi
|;
$db_mailer_log = '';
my $mailer = new Mailer ( {
sendmail => $db_mail_path,
from => $from,
subject => $subject,
to => $to,
msg => $msg,
log => $db_mailer_log
} ) or return;
$mailer->send or return;
#end mailing
$regme = 1;
$added_id = param('add_id');
&login();
}
}
#END REGME--------------------------------------------------------------------
#BEGIN LOGIN------------------------------------------------------------------
sub login {
if ($regme == 1) {
$email = $regemail;
$pass = $regpw;
} else {
$email = param('email');
$pass = param('pass');
}
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("SELECT pass FROM users WHERE email = '$email'");
$sth -> execute();
@data = $sth->fetchrow_array;
$pword = $data[0];
if ($pword) {
if ($pword eq $pass) {
$sth = $dbh->prepare("SELECT ids FROM users WHERE email = '$email'");
$sth -> execute();
@data = $sth->fetchrow_array;
$game_ids = $data[0];
@g_ids = split(/::/,$game_ids);
$num = 0;
foreach $game (@g_ids) {
if ($num == 0) {
$gamestring = $game;
++$num;
} else {
$gamestring = $gamestring . "x" . $game;
}
}
if ($regme == 1) {
if ($added_id) {
$gamestring = $added_id;
$data[0] = $added_id;
$sth = $dbh->prepare("UPDATE users SET ids = '$data[0]' WHERE email = '$email'");
$sth -> execute();
}
} elsif (param('add_id')) {
$added_id = param('add_id');
foreach (@g_ids) {
if ($_ == $added_id) { $noadd = 1; }
}
if ($noadd != 1) {
$gamestring = $added_id . "x" . $gamestring;
$data[0] = $added_id . "::" . $data[0];
}
$sth = $dbh->prepare("UPDATE users SET ids = '$data[0]' WHERE email = '$email'");
$sth -> execute();
}
$whereto = "mygames";
} else {
$whereto = "password";
}
} else {
$whereto = "email";
}
$dbh->disconnect;
if ($whereto eq "mygames") { &display(); }
if ($whereto eq "password") { &bad_pass(); }
if ($whereto eq "email") { &bad_email(); }
}
#END LOGIN--------------------------------------------------------------------
#BEGIN DELETE_ID--------------------------------------------------------------
sub delete_id {
$id = param('delete');
@nvpairs=split(/; /, $ENV{'HTTP_COOKIE'});
foreach $pair (@nvpairs) {
($name, $value) = split(/=/, $pair);
$cookie{$name} = $value;
}
$email_and_pass = $cookie{'mygames'};
@cookie_data = split(/WASEMAILNOWPASS/,$email_and_pass);
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("SELECT ids FROM users WHERE email = '$cookie_data[0]'");
$sth -> execute();
@data = $sth->fetchrow_array;
@ids = split(/::/,$data[0]);
$num = 0;
foreach (@ids) {
if ($id != $_) {
$new_ids[$num] = $_;
++$num;
}
}
$num = 0;
if (@new_ids) {
foreach (@new_ids) {
if ($num == 0) {
$id_string = $_;
} else {
$id_string = $id_string . "::" . $_;
}
++$num;
}
}
$sth = $dbh->prepare("UPDATE users SET ids = '$id_string' WHERE email = '$cookie_data[0]'");
$sth -> execute();
$dbh->disconnect;
@gs = split(/::/,$id_string);
$num = 0;
foreach (@gs) {
if ($num == 0) {
$gamestring = $_;
} else {
$gamestring = $gamestring . "x" . $_;
}
++$num;
}
&display();
}
#END DELETE_ID----------------------------------------------------------------
#BEGIN ADD_ID-----------------------------------------------------------------
sub add_id {
$id = param('add');
@nvpairs=split(/; /, $ENV{'HTTP_COOKIE'});
if (@nvpairs) {
foreach $pair (@nvpairs) {
($name, $value) = split(/=/, $pair);
$cookie{$name} = $value;
}
$email_and_pass = $cookie{'mygames'};
@cookie_data = split(/WASEMAILNOWPASS/,$email_and_pass);
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("SELECT ids FROM users WHERE email = '$cookie_data[0]'");
$sth -> execute();
@data = $sth->fetchrow_array;
@data_check = split(/::/,$data[0]);
foreach (@data_check) {
if ($_ == $id) { $notadd = 1; }
}
if ($notadd != 1) { $data[0] = $id . "::" . $data[0]; }
$sth = $dbh->prepare("UPDATE users SET ids = '$data[0]' WHERE email = '$cookie_data[0]'");
$sth -> execute();
$dbh->disconnect;
@gs = split(/::/,$data[0]);
$num = 0;
foreach (@gs) {
if ($num == 0) {
$gamestring = $_;
} else {
$gamestring = $gamestring . "x" . $_;
}
++$num;
}
&display();
} else {
&disp_login();
}
}
#END ADD_ID-------------------------------------------------------------------
#BEGIN MODIFY-----------------------------------------------------------------
sub modify {
@nvpairs=split(/; /, $ENV{'HTTP_COOKIE'});
if (@nvpairs) {
foreach $pair (@nvpairs) {
($name, $value) = split(/=/, $pair);
$cookie{$name} = $value;
}
$email_and_pass = $cookie{'mygames'};
@cookie_data = split(/WASEMAILNOWPASS/,$email_and_pass);
&header();
print qq ~
<center><p>
<b>myGames</b>
<p>
enter a new email, password, or both
<form name="modify" method="post" action="/mygames.cgi">
<table>
<tr><td>new email: </td><td><input type="text" name="newemail"></td></tr>
<tr><td>new password: </td><td><input type="password" name="newpass"></td></tr>
<tr><td>new password again: </td><td><input type="password" name="confirmnewpass"></td></tr>
<tr><td colspan=2 align="right"><input type="submit" value="modify"></td></tr>
</table>
</form>
$error
~;
&footer();
} else {
&disp_login();
}
}
#END MODIFY-------------------------------------------------------------------
#BEGIN MODIFYME---------------------------------------------------------------
sub modifyme {
$error = "";
$newpass1 = param('newpass');
$newpass2 = param('confirmnewpass');
$newemail = param('newemail');
@nvpairs=split(/; /, $ENV{'HTTP_COOKIE'});
foreach $pair (@nvpairs) {
($name, $value) = split(/=/, $pair);
$cookie{$name} = $value;
}
$email_and_pass = $cookie{'mygames'};
@cookie_data = split(/WASEMAILNOWPASS/,$email_and_pass);
if ($newemail) {
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("SELECT email FROM users WHERE email = '$newemail'");
$sth -> execute();
@data = $sth->fetchrow_array;
$dbh->disconnect;
if ($newemail eq $data[0]) {
$error = "<font color=\"red\"><b>$newemail
is already registered</b></font>";
&modify();
} else {
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("UPDATE users SET email = '$newemail' WHERE email = '$cookie_data[0]'");
$sth -> execute();
$dbh->disconnect;
$email = $newemail;
}
} else {
$newemail = $cookie_data[0];
$email = $newemail;
}
if ($newpass1 or $newpass2) {
if ($newpass1 eq $newpass2) {
$pass = $newpass;
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("UPDATE users SET pass = '$newpass1' WHERE email = '$newemail'");
$sth -> execute();
$dbh->disconnect;
} else {
$error = "<font color=\"red\"><b>passwords do not match</b></font>";
&modify();
}
} else {
$pass = $cookie_data[1];
}
if (!$error) {
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("SELECT ids FROM users WHERE email = '$newemail'");
$sth -> execute();
@data = $sth->fetchrow_array;
$dbh->disconnect;
$game_ids = $data[0];
@g_ids = split(/::/,$game_ids);
$num = 0;
foreach $game (@g_ids) {
if ($num == 0) {
$gamestring = $game;
++$num;
} else {
$gamestring = $gamestring . "x" . $game;
}
}
$pass = $newpass1;
&display();
}
}
#END MODIFYME-----------------------------------------------------------------
#BEGIN HEADER-----------------------------------------------------------------
sub header {
print "Content-type: text/html\n\n";
open(HEADER_FILE, "</home/allgamesfree/public_html/cgi-bin/games/admin/templates/my_header.html");
while (<HEADER_FILE>) {
print $_;
}
close(HEADER_FILE);
}
#END HEADER-------------------------------------------------------------------
#BEGIN FOOTER-----------------------------------------------------------------
sub footer {
#open(FOOTER_FILE, "<admin/templates/my_footer.html");
#while (<FOOTER_FILE>) {
# print $_;
#}
#close(FOOTER_FILE);
print "<p align=\"center\">contact <a href=\"mailto:games\@allgamesfree.com\">games\@allgamesfree.com</a>";
print "</body></html>";
}
#END FOOTER-------------------------------------------------------------------
#BEGIN FORGOT-----------------------------------------------------------------
sub forgot {
&header();
print qq ~
<center><p>
<b>myGames</b>
<p>
have your password emailed
<form name="forgot" method="post" action="/mygames.cgi">
<table>
<tr><td>email: </td><td><input type="text" name="sendpassto"></td></tr>
<tr><td colspan=2 align="right"><input type="submit" value="send it"></td></tr>
</table>
</form>
$error
~;
&footer();
}
#END FORGOT-------------------------------------------------------------------
#BEGIN SENDPASSTO-------------------------------------------------------------
sub sendpassto {
$sendpassto = param('sendpassto');
$dbh = DBI->connect ("DBI:mysql:$database", $username, $password);
$sth = $dbh->prepare("SELECT pass FROM users WHERE email = '$sendpassto'");
$sth -> execute();
@data = $sth->fetchrow_array;
$dbh->disconnect;
if ($data[0]) {
#begin mailing
$db_mail_path = "/usr/sbin/sendmail";
$from = "games\@allgamesfree.com";
$subject = "myGames password";
$to = $sendpassto;
$msg = qq|
Did you forget that "$data[0]" is your myGames password? Now you'll
be able to play your favorite java and shockwave games again.
http://www.allgamesfree.com/mygames.cgi
|;
$db_mailer_log = '';
my $mailer = new Mailer ( {
sendmail => $db_mail_path,
from => $from,
subject => $subject,
to => $to,
msg => $msg,
log => $db_mailer_log
} ) or return;
$mailer->send or return;
#end mailing
&disp_login();
} else {
$error = "<font color=\"red\"><b>$sendpassto is not registered</b></font>";
&forgot();
}
}
#END SENDPASSTO---------------------------------------------------------------
This would be great to get working and have good instructions.