Nes::Obj::secure_login - Secure Login Nes Object.
Checking for script handler:
{: include ('{: * cfg_obj_top_dir :}/Nes/form/secure_login.nhtml', " script_handler => 'my_script_handler.pl', function_handler => 'my_function_handler', form_name => 'my_form_1', " ) :}
Checking directly from a database:
{: include ('{: * cfg_obj_top_dir :}/Nes/form/secure_login.nhtml', " from_table => 'table', from_user_field => 'table_field_user', from_pass_field => 'table_field_pass', from_user_function => 'sql_function', from_pass_function => 'sql_function', form_name => 'my_form_1', " ) :}
Create a user session if the login is successful. Verification can be done with a script handle or directly from a database. The form prevents intrusion by the obfuscation of the fields, limiting the number of attempts and captcha.
The script that contains the "function_handler"
Function to call to verify login. Receives the form fields user and password. Must return "user id" if successful or 0 if failure. Sample:
sub check_user_login { my $user = shift; my $pass = shift; return 0 if !$user || !$pass; # check user and password in db or other ... return $user_id if $ok; return 0 if !$ok; }
Verify login to this table name. Sample:
{: include ('{: * cfg_obj_top_dir :}/Nes/form/secure_login.nhtml', " from_table => 'users', from_user_field => 'user', from_pass_field => 'password', " ) :}
For these parameters secure_login make the following sql query:
SELECT `user` FROM `users` WHERE ( `user` = $user AND `password` = $pass ) LIMIT 0,1;~;
The field name in the table corresponds to the "user".
The field name in the table corresponds to the "password".
SQL function apply to "user" in SQL query.
SQL function apply to "password" in SQL query. Sample:
{: include ('{: * cfg_obj_top_dir :}/Nes/form/secure_login.nhtml', " from_table => 'users', from_user_field => 'user', from_pass_field => 'password', from_pass_function => 'PASSWORD', " ) :}
SELECT `user` FROM `users` WHERE ( `user` = $user AND `password` = PASSWORD($pass) ) LIMIT 0,1;~;
Database name. Usually DB_... must be previously defined in its nes.cfg, secure_login take these defaults. But if you need to consult another database, can DB_... as parameters.
Not a good idea to include passwords in files html:
BAD: {: include ('{: * cfg_obj_top_dir :}/Nes/form/secure_login.nhtml', " from_table => 'users', from_user_field => 'user', from_pass_field => 'password', DB_base => 'basename', DB_user => 'baseuser', DB_pass => 'sakjuje7ey', " ) :}
Declare them as variables in their nes.cfg:
# primary database DB_base = basename DB_user = username DB_pass = password DB_driver = mysql DB_host = localhost DB_port = 3306 # database for login login_DB_base = otherbasename login_DB_user = username login_DB_pass = password login_DB_driver = mysql login_DB_host = localhost login_DB_port = 3306
And so:
{: include ('{: * cfg_obj_top_dir :}/Nes/form/secure_login.nhtml', " from_table => 'users', from_user_field => 'user', DB_base => '{: * cfg_login_DB_base :}', DB_user => '{: * cfg_login_DB_user :}', DB_pass => '{: * cfg_login_DB_pass :}', " ) :}
Database user.
Database password.
Database driver.
Database host.
Database port.
Min length of user.
Max length of user.
Min length of password.
Max length of password.
Attempts to show the captcha. Default 3.
Attempts/minutes, if we reach attempts, wait the time shown in "minutes". Default is '10/5'
Error out page, Default 'none'.
Time to expire form in last step. Default '1m' one minute. Time suffix: s: seconds, m: minutes h: hours d: days, M: months, y: years.
Time to expire form. Default '10m' ten minutes. Time suffix: s: seconds, m: minutes h: hours d: days, M: months, y: years.
Tag name property of form.
Tag id property of form.
Tag class property of form.
Tag name property of captcha.
ascii.
Digit number captcha.
Captcha size.
Captcha noise level.
Character to the foreground
Character to the background
Time to expire captcha. Default '1m' one minute. Time suffix: s: seconds, m: minutes h: hours d: days, M: months, y: years.
HTML Tag for the design of the captcha.
Out page. Default self.
The session is created with this time expires. Default '12h'. Time suffix: s: seconds, m: minutes h: hours d: days, M: months, y: years.
The session is created with this time expires if 'remember' option is enable. Default '48h'. Time suffix: s: seconds, m: minutes h: hours d: days, M: months, y: years.
Text to show in lengend tag.
Text to show in user name field.
Text to show in password field.
Text to show in remember field. If empty, remember option is disable.
Text to show in send button.
Text to show in captcha field.
Text to show error if user/password error.
Text to show error if captcha error.
Text to show error if user error. (min_len_name and max_len_name)
Text to show error if password error. (min_len_pass and max_len_pass)
Template errors.
Template for options.
Skriptke: Enrique Castañón
Version 1.03 April 2010
Copyright (c) Enrique F. Castanon Barbero. All rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms and conditions as GNU Public License (GPL).
This means that you can, at your option, redistribute it and/or modify it under either the terms the GNU Public License (GPL), or under the Perl Artistic License.
See http://dev.perl.org/licenses/
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Use of this software in any way or in any form, source or binary, is not allowed in any country which prohibits disclaimers of any implied warranties of merchantability or fitness for a particular purpose or any disclaimers of a similar nature.
IN NO EVENT SHALL I BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION (INCLUDING, BUT NOT LIMITED TO, LOST PROFITS) EVEN IF I HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
Nes, Nes::Tutorial, Nes::Singleton, Nes::nes.cfg, Sample to use Nes; http://nes.sourceforge.net/
1 POD Error
The following errors were encountered while parsing the POD:
Non-ASCII character seen before =encoding in 'Castañón'. Assuming UTF-8
To install Nes, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Nes
CPAN shell
perl -MCPAN -e shell install Nes
For more information on module installation, please visit the detailed CPAN module installation guide.