Single Data Password Protection


We see a lot of password protection working in our life. For example, after grading student's finals, some professors want to post the student's scores on the web. They need to find a way to let each student to only get his(her) own score but not others. In this case we can assign a password for each student (for example, last 4 digits of SSN). So the student can use the password to get his(her) score. Now let's see how we can achieve it.

Click here to run this example.

HTML FORM

Here is the HTML FORM for this example:
<form method=POST action="password.pl">
Enter your  Password: <INPUT NAME="password" TYPE="TEXT" SIZE="10" MAXLENGTH="20">
<INPUT TYPE="SUBMIT" VALUE="Submit">        <INPUT TYPE="RESET">
</form>

Perl Source code

The following is the Perl source code:
(1)
#!/usr/local/bin/perl
########################################################################
#  password.pl
#  11/26/97 by Zhanshou Yu
#  Any technical comment please send to :
#  zyu@rics1.uh.edu
########################################################################

(2)
#Get the system date
$date=`/usr/bin/date`;
chop($date);         #chop the last enter character
(3)
#Associate password with each data, password '1111' associate with data 86,etc.
%PASSWD=('1111','86',
         '2222','55',
         '3333','40',
         '4444','100');
(4)
#get the input data from the form. Here I use POST method 
read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'});

(5)
($name,$value)=split(/=/,$buffer);  #split name=value to name value
$value=~tr/+/ /;                  #substitute plus sign with space sign
$value=~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; #decode hexdecimal to character
(6)
# print html header 
print" Content-type:text/html\n\n";

$flag=0;
(7)
#Check the received password in our list or not, if in, retrieve the data.
foreach $item(keys%PASSWD)
{ if($item eq $value)
  {
   print "<title>Password Protection Retrieve Result</title>";
   print "<center><h1> Password Protection Retrieve Result</h1> <center>";
   print "<hr>";
   print "<h4>Your retrieved data: <font color=#228b22>$PASSWD{$item}</font>.</h4>";
   $flag=1;
   last;
  }
}
(8)
# Not a valid password, print the error message.
if($flag==0)
{
   print "<title>Retrieve Error</title>";
   print "<center><h1> Retrieve Error</h1>";
   print "<hr>";
   print "<h4> You enter the wrong password,get back and try again!</h4></center>";
}
exit;

Program Analysis