How to lock down WWWBOARD?

[Don]

I'm using" wwwboard" and am starting to get porn postings from outside the
closed group that uses it. I'm not that familar with Perl, do most of my
work using JS and PHP. So, was wondering what code to add to check for a
login username and password that exist on the client's machine as cookies.
In PHP I'd pick them up using "$_COOKIE['<cookie name>']. How do I do it in
Perl? Can you give me some sample code for checking them? I guess the code
would be added somewhere in the "wwwboard.pl"l file?

Sure would appreciate some help with this.

Thanks,
Don

 

[Jim Gibson]

I'm using" wwwboard" and am starting to get porn postings from outside the
closed group that uses it. I'm not that familar with Perl, do most of my
work using JS and PHP. So, was wondering what code to add to check for a
login username and password that exist on the client's machine as cookies.
In PHP I'd pick them up using "$_COOKIE['<cookie name>']. How do I do it in
Perl? Can you give me some sample code for checking them? I guess the code
would be added somewhere in the "wwwboard.pl"l file?

Sure would appreciate some help with this.

What version of wwwboard are you using? If you are using the one from
Matt's Script Archive, you should know that those scripts are
notoriously insecure. There are drop-in replacements at
http://nms-cgi.sourceforge.net/

The NMS version of wwwboard uses the perl CGI module, so you can set
cookies with the -cookie option to the header() function and retrieve
them with the cookie() function. See the length 'perldoc CGI' for more
info.

FYI: this newsgroup is defunct. Try comp.lang.perl.misc in the future
for general Perl questions and comp.lang.perl.modules for help with
Perl modules like CGI.

 

[Don]

I'm using" wwwboard" and am starting to get porn postings from outside the
closed group that uses it. I'm not that familar with Perl, do most of my
work using JS and PHP. So, was wondering what code to add to check for a
login username and password that exist on the client's machine as cookies.
In PHP I'd pick them up using "$_COOKIE['<cookie name>']. How do I do it in
Perl? Can you give me some sample code for checking them? I guess the code
would be added somewhere in the "wwwboard.pl"l file?

Sure would appreciate some help with this.

What version of wwwboard are you using? If you are using the one from
Matt's Script Archive, you should know that those scripts are
notoriously insecure. There are drop-in replacements at
http://nms-cgi.sourceforge.net/

The NMS version of wwwboard uses the perl CGI module, so you can set
cookies with the -cookie option to the header() function and retrieve
them with the cookie() function. See the length 'perldoc CGI' for more
info.

FYI: this newsgroup is defunct. Try comp.lang.perl.misc in the future
for general Perl questions and comp.lang.perl.modules for help with
Perl modules like CGI.

Thanks for your reply Jim. I'm using the NMS version, but am getting daily
porn posts. Figured if I check to see if there is a username/password login
(which I have in client's cookies) I could put a stop to this. Say, where
do I find the 'perldoc CGI' you mentioned? I was hoping to implement a
quick fix. Looks like I'm going to have to do some homework. That's ok,
about time I learned a little about Perl.

Thanks,
Don

 

[Don]

I'm using" wwwboard" and am starting to get porn postings from outside the
closed group that uses it. I'm not that familar with Perl, do most of my
work using JS and PHP. So, was wondering what code to add to check for a
login username and password that exist on the client's machine as cookies.
In PHP I'd pick them up using "$_COOKIE['<cookie name>']. How do I do it in
Perl? Can you give me some sample code for checking them? I guess the code
would be added somewhere in the "wwwboard.pl"l file?

Sure would appreciate some help with this.

What version of wwwboard are you using? If you are using the one from
Matt's Script Archive, you should know that those scripts are
notoriously insecure. There are drop-in replacements at
http://nms-cgi.sourceforge.net/

The NMS version of wwwboard uses the perl CGI module, so you can set
cookies with the -cookie option to the header() function and retrieve
them with the cookie() function. See the length 'perldoc CGI' for more
info.

FYI: this newsgroup is defunct. Try comp.lang.perl.misc in the future
for general Perl questions and comp.lang.perl.modules for help with
Perl modules like CGI.

Thanks for your reply Jim. I'm using the NMS version, but am getting daily
porn posts. Figured if I check to see if there is a username/password login
(which I have in client's cookies) I could put a stop to this. Say, where
do I find the 'perldoc CGI' you mentioned? I was hoping to implement a
quick fix. Looks like I'm going to have to do some homework. That's ok,
about time I learned a little about Perl.

Thanks,
Don

Oh, and thanks for the heads-up on the other newsgroups.
Don

 

[Jim Gibson]

Say, where
do I find the 'perldoc CGI' you mentioned?

perldoc is a command-line utility available in most Perl distributions.
If that doesn't work, try 'man CGI'. If that doesn't work, look for
some HTML files somewhere, depending upon your platform and Perl
distribution.

Now, please stop posting in this newsgroup before the usenet nazi's get
us in trouble.