Pete:
Don;t give up, load Webware or similar and use that!
regards Steve
Pete..... wrote:
Hi all.
Unfortunaly it looks like I dont have to skill to make a secure log in, cant figure out how the code has to look like, so guess my webpage has to live with a security issue.
Thanks for the effort you put into teaching me the use of cookies.
Best wishes Pete....
"Pete....." <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]
Thanks.
But I would really like to do this from scratch, so that I can learn it, I dont think I need that much more, before it works.
I found an example with asp, where the save the session if the password is correct. It isnt that long a code, so was wondering if it isnt possible to make something like that in python. Cause when this code is applied to the loginform, CODE2 will only have to be applied to every following page and everything is good.
code is from: http://tutorialized.com/tutorial/Creating-a-Members-Area-in-ASP/2234
CODE1
Set objRS = objConn.Execute (strSQL)
'// see if there are any records returned
If objRS.EOF Then
'no username found
strError = "- Invalid username or password<br>" & vbNewLine
Else
'check password
If objRS("password")=Request.Form("password") Then
'username/password valid
'save session data
Session("loggedin") = True
Session("userid") = objRS("id")
'redirect to members area
Response.Redirect ("default.asp")
Response.End
Else
'invalid password
strError = "- Invalid username or password<br>" & vbNewLine
CODE2<%
If Session("loggedin") <> True Then Response.Redirect "login.asp"
%>
<html>
<head>
<title>Members Area</title>
</head>
<body>
<h1>Members Area</h1>
<p>Welcome to our members area!</p></body>
</html> In my code I have allready tested if the username and password is correct, so I just need to do the cookie thing :D
Thanks all, hope all my questions dosnt make you tired, I just really wanna figure this out, and I am doing this as a little hobby of mine, so I dont have anyone else to ask, hope that is okay...
"Kent Johnson" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]
Pete..... wrote:
Hi all I am working on a log in script for my webpage.
I have the username and the password stored in a PostgreSQL database.
You might want to look at Snakelets and CherryPy.
Snakelets is "a very simple-to-use Python web application server." One of the features is "Easy user authentication and user login handling."
http://snakelets.sourceforge.net/
CherryPy is "a pythonic, object-oriented web development framework" that seems to be popular. A recipe for password-protected pages in CherryPy is here:
http://www.cherrypy.org/wiki/PasswordProtectedPages
Kent
-- http://mail.python.org/mailman/listinfo/python-list