Приглашаем посетить
Auth Check
############################################################################
# #
# auth_check() Version 1.0 #
# Written by Craig A. Patchett craig@patchett.com #
# Created 1/13/96 Last Modified 11/16/96 #
# #
# Copyright 1996 Craig Patchett & Matthew Wright. All Rights Reserved. #
# This subroutine is part of The CGI/Perl Cookbook from John Wiley & Sons. #
# License to use this subroutine or install it on a server (in original or #
# modified form) is granted only to those who have purchased a copy of The #
# CGI/Perl Cookbook. (This notice must remain as part of the source code.) #
# #
############################################################################
### Subroutine: &auth_check()
###
### Function: Checks to see if the caller of a program has entered a
### valid user ID and password using the Authenticate program.
### Will optionally call Authenticate if not.
###
### Usage: &auth_check([$AUTHENTICATE]);
###
### Variables: $AUTHENTICATE -- Optional non-zero value or string. If
### this argument is included and the visitor
### is not already authenticated, the
### subroutine will pass control over to
### Authenticate which will in turn pass
### control back to this URL after the
### visitor has been authenticated.
### Example: 1
###
### Returns: ($user_id, $last_visit) if visitor has been authenticated.
### $user_id is the visitor's user ID, $last_visit is the
### date of the visitor's last visit in time() format
### (undefined, undefined) if a URL was not specified and the visitor
### has not been authenticated
### Does not return if a URL was not specified and the visitor
### has not been authenticated (passes control to the
### Authenticate program specified by $AUTH_URL)
###
### Uses Global: $AUTH_URL - See Authenticate
### $AUTH_DIR - See Authenticate
### $MAX_AGE - See Authenticate
###
### Requires: ipconvrt.pl
### error.pl
###
### Files Created: None
sub auth_check {
# Get argument (if any)
local($AUTHENTICATE) = $_[0];
# Set up other variables
local($COOKIES, $auth_id, $auth_path, $auth_program, $valid, $user_id, $last_visit);
local($date) = time;
local($PROGRAM_URL) = "http://$ENV{'SERVER_NAME'}$ENV{'SCRIPT_NAME'}$ENV{'PATH_INFO'}";
# Determine the authentication ID (if one exists)
$auth_program = $AUTH_URL;
$auth_program =~ s|http://[^/]+||;
if ($ENV{'HTTP_COOKIE'} =~ /$auth_program=(\d+)/) { $auth_id = $1 }
elsif (!$ENV{'HTTP_COOKIE'}) {
$auth_id = &ip_convert($ENV{'REMOTE_ADDR'})
}
# If an authentication ID exists, check to see if it's active
$auth_path = "$AUTH_DIR$auth_id";
if ($auth_id && (-f $auth_path) && (-r $auth_path) &&
(-M $auth_path < ($MAX_AGE / 1440))) {
# File exists and is valid so set appropriate flag and update file
open(AUTH, $auth_path)
|| &error("Could not open authentication file ($!).");
$user_id = <AUTH>;
close(AUTH);
$last_visit = $^T - int((-M $auth_path) * 86400);
open(AUTH, ">>$auth_path")
|| &error("Could not open authentication file ($!).");
print AUTH "$PROGRAM_URL||$date\n";
close(AUTH);
$valid = 1;
}
if (!$valid && $AUTHENTICATE) {
print "Location: $AUTH_URL/$PROGRAM_URL\n\n";
exit(0);
}
else { return($user_id, $last_visit) }
}
1;
