Thread: WEB-interface

Greetings,

I want to do WEB-interface to postgresSQL 6.4.2 using perl.
I can do one level web-page, so you can say Username/Password and
read some data from database.
But if I want to create subform, I have to know username/password again.
Now, I'm solving this problem transmitting <input type="hidden"> back
to client - but this method is wrong.
I'm using apache web server on bsdi-3.1.

Thank you,
-----------------
Sergei Chernev
Internet: ser@nsu.ru
Phone: +7-3832-397354

On Thu, 15 Apr 1999, Sergei Chernev wrote:

> Greetings,
>
> I want to do WEB-interface to postgresSQL 6.4.2 using perl.
> I can do one level web-page, so you can say Username/Password and
> read some data from database.
> But if I want to create subform, I have to know username/password again.
> Now, I'm solving this problem transmitting <input type="hidden"> back
> to client - but this method is wrong.
> I'm using apache web server on bsdi-3.1.

I've started to use .htaccess subdirectories more and more for doing this,
but you could also Cookie's for doign this...

Marc G. Fournier                   ICQ#7615664               IRC Nick: Scrappy
Systems Administrator @ hub.org
primary: scrappy@hub.org           secondary: scrappy@{freebsd|postgresql}.org

"Sergei Chernev" <ser@nsu.ru> writes:
>But if I want to create subform, I have to know username/password again.
>Now, I'm solving this problem transmitting <input type="hidden"> back
>to client - but this method is wrong.

Make an MD5 checksum of the username, password, and current time.  Send the
MD5 checksum in a hidden field (or use a cookie).  Keep a server-side cache
of the currently valid checksums (expire the old ones periodically), and
check the incoming checksum against the cache for each request.

    -Michael Robinson