Working on a log in script to my webpage

Pete..... helten0007 at yahoo.com
Wed Mar 9 08:04:43 EST 2005 

I better mention, that I rather make it all in python and html (found out 
that python somehow works with asp)

I know that what I have to do is the following:

1) When the user logs in, I have to store a session ID in a cookie
2) When page1 is loaded(upon correctly entered username/password) the cookie 
has to be sent to page 1 and on page one there should be a tjeck to see if 
the cookies has the right values.
3) everytime a page is loaded, there has to be a tjeck, to see if the 
cookies has the right value, if not the page shouldt be loaded, and the user 
should be redirected back to login page.

It does sound very easy to make: Create a store-holder(cookies), create a 
session ID upon log in, tjeck if it is the right sessionID in the cookies 
everytime a page is loaded, if not redirect back to log in page.

But eventhough it sounds easy, I cant quite get the hold of if..

I tried googling, but didnt really find anything, that helpfull...

Any more advice...

Once again thanks for your time....

Sincerly
Pete
"Pete....." <helten0007 at yahoo.com> wrote in message 
news:422eebd0$0$495$ba624c82 at nntp05.dk.telia.net...
> Hi again.
>
> This question might sound a bit strange, but here I go anyway.
>
> I found a tutorial on how to make member areas with ASP. ( It looked very 
> complicated the info I found about making and using cookies to store 
> session ID's with python)
>
> Can I use python code and SQL statements in ASP.
>
> The example only shows how to log in to a member area if the password is 
> written in the asp code ( I mean the program dosnt connect to a my 
> postgresql database to see if the username/password are correct.
>
> I was thinking if I can use some of the code from the tutorial and put my 
> own python code in, I will have solved my problem.
>
> I dont know that much about asp but I also found a tutorial on that, which 
> in going to read..
>
> Thanks for your time.
> The members area tutorial can be found here.
> http://www.theukwebdesigncompany.com/article.php?id=392
>
> "bruce" <bedouglas at earthlink.net> wrote in message 
> news:mailman.142.1110339609.1799.python-list at python.org...
>> pete...
>>
>> simply use google and search for "php scripts login user authentication
>> mysql session etc..."
>>
>> these terms will give you lots of examples... you could also look at some 
>> of
>> the bulletin board/forum apps that are open source to se what they use. 
>> or,
>> you could also look through the code for some of the php content 
>> management
>> apps... of course, there are also the open source ecommerce solutions. 
>> all
>> of these types of apps have functionality to deal with the user
>> login/registration issues...
>>
>> -regards,,,
>>
>>
>> -----Original Message-----
>> From: python-list-bounces+bedouglas=earthlink.net at python.org
>> [mailto:python-list-bounces+bedouglas=earthlink.net at python.org]On Behalf
>> Of Pete.....
>> Sent: Tuesday, March 08, 2005 6:26 PM
>> To: python-list at python.org
>> Subject: Re: Working on a log in script to my webpage
>>
>>
>> The 2 scripts I made is actually working the way they where meant to. So 
>> im
>> kindda happy :)
>>
>> The problem is, that I didnt think about the problem: as Steve wrote:
>> "There are other matters of concern, however, the most pressing of which
>> is: How am I going to stop user from navigating directly to page1?"
>> Maybee I can find some premade feature, that prevents users to go to 
>> page1
>> without logging in. Any ideas as to where I can find some information 
>> about
>> this.
>>
>> Nice that you all take time to help a newbie, so thanks to the helpfull
>> people :)
>>
>>
>>
>>> hi...
>>>
>>> regarding the issue of creating a login (user/passwd) script... there 
>>> are
>>> numerous example scripts/apps written that use php/mysql... i suggest 
>>> that
>>> you take a look at a few and then incoporate the features that you want
>>> into
>>> your script.
>>>
>>> from your questions, it seems like this approach will give you a
>>> better/faster solution to your problem.
>>>
>>> -regards
>>>
>>>
>>> -----Original Message-----
>>> From: python-list-bounces+bedouglas=earthlink.net at python.org
>>> [mailto:python-list-bounces+bedouglas=earthlink.net at python.org]On Behalf
>>> Of Steve Holden
>>> Sent: Tuesday, March 08, 2005 4:02 PM
>>> To: python-list at python.org
>>> Subject: Re: Working on a log in script to my webpage
>>>
>>>
>>> Pete..... wrote:
>>>> Hi all I am working on a log in script for my webpage.
>>>>
>>>> I have the username and the password stored in a PostgreSQL database.
>>>>
>>>> The first I do is I make a html form, where the user can type in his
>>>> username and code, when this is done I want to run the
>>>> script(testifcodeisokay) that verifies that the code and username are 
>>>> the
>>>> right ones ( that means if they match the particular entered username 
>>>> and
>>>> password) If they are then I want to load page1 if they are not I want 
>>>> to
>>>> load the loginpage again.
>>>>
>>>> Login page:
>>>>
>>>> print '''<form action=testifcodeisokay.py'><br>
>>>>          <p>Username:<br> <INPUT type="text" NAME="username">
>>>>          <p>Code:<br> <INPUT type="text" NAME="code"></p>'''
>>>>
>>>> print '''<p><input type=submit value='Submit'></p></form>'''
>>>> print '''</body> </html>'''
>>>>
>>>> This works.
>>>> Here I store the entered text in the variables "username" and "code"
>>>> I then get the entered value by
>>>>
>>>> testifcodeisokay script
>>>>
>>>> connect = PgSQL.connect(user="user", password="password", host="host",
>>>> database="databse")
>>>> cur = connect.cursor()
>>>>
>>>> form = cgi.FieldStorage()
>>>> username = form["username"].value
>>>> code= form["code"].value
>>>>
>>>> I then want to test if they match the ones in the database
>>>>
>>>> insert_command = "SELECT username, code FROM codetable WHERE
>>>> codetable.username = '%s' AND codetable.code = '%s' " %(username, code)
>>>> cur.execute(insert_command)
>>>>
>>> This is an amazingly bad choice of variable name, since the command
>>> doesn't actually insert anything into the database!
>>>
>>>> I should then have found where the entered username,code (on the login
>>> page)
>>>> is the same as those in the database.
>>>>
>>>> But now I am stuck.
>>>>
>>>> Does any know how I can then do something like:
>>>>
>>>> If the codes from the loginpage matches the users codes in the db
>>>> Then the user should be taken to page1
>>>> IF the codes arnt correct the login page should load again.
>>>>
>>>> The program dosnt need to remember who the user is, after the user has
>>> been
>>>> loggen in, it is only used to log the user in.
>>>>
>>>> Thanks for your time..
>>>>
>>> The Python you want is almost certainly something like
>>>
>>>   if len(curs.fetchall()) == 1:
>>>     # username/password was found in db
>>>
>>> although unless your database is guarantees to contain only one of each
>>> combination it might be better to test
>>>
>>>   if len(curs.fetchall()) != 0:
>>>     # username/password was found in db
>>>>
>>>>
>>> There are other matters of concern, however, the most pressing of which
>>> is:
>>>
>>>   How am I going to stop user from navigating directly to page1?
>>>
>>> Answering this question will involve learning about HTTP session state
>>> and writing web applications. I could write a book on that subject :-)
>>>
>>> regards
>>>  Steve
>>>
>>> --
>>> http://mail.python.org/mailman/listinfo/python-list
>>>
>>
>>
>> --
>> http://mail.python.org/mailman/listinfo/python-list
>>
>
>

More information about the Python-list mailing list