Softpanorama (slightly skeptical) Open Source Software Educational Society

May the source be with you, but remember the KISS principle ;-) Softpanorama Search

Softpanorama Perl Bulletin, 2001

USENIX ;login - the webmaster Password-Protecting Areas of Your Web Site

... ... ...

A Third Solution: Let the Server Do the Work

Yet another solution, one that offers more security, is to let the Apache Web Server do the work through the .htpasswd facility. In essence, you create a simple password file containing names and encrypted passwords, then enable your Web server to look for the file. Once set up, any access to any files within the protected folder must automatically be validated by forcing the user to enter a login/password pair.

To create the password file, I use a simple Perl script that I cobbled together called makepasswd:

#!/usr/bin/perl
print "\nMake htpasswd Account Entry...\n\n";
print "User name : ";
chomp($user = <STDIN>);
print "Password : ";
chomp($passwd = <STDIN>);
srand($$|time);
@saltchars=(a..z,A..Z,0..9,'.','/');
$salt=$saltchars[int(rand($#saltchars+1))];
$salt.=$saltchars[int(rand($#saltchars+1))];
$passwdcrypt = crypt($passwd,$salt);
print "\nAdd the following to the htpasswd file:\n\n";
print "\t$user:$passwdcrypt\n\n";
exit 0;

As you can see, it does the work of encrypting the password and then displays exactly the information you'll need to add to the new .htpasswd file. A file duplicating the two accounts shown above would look like this:

taylor:z6K5hUINhVrIA
guest:SXUISuZuiD0Os

With the passwords encrypted, it's a lot harder for hackers to reverse-engineer and sneak in if they manage to snag a copy of this information!

The only other step is to change the httpd.conf file so that the server knows to look for the password file in the directory. This is done by adding the boldface lines below to the file:

<VirtualHost www.intuitive.com>
ServerAdmin webmaster@intuitive.com
DocumentRoot /web
ServerName www.intuitive.com
<Location /CGI/password/private>
AuthName /web/CGI/password/private
AuthType basic
AuthUserFile /web/CGI/password/private/.htpasswd
Require valid-user
Allow From All
</Location>
</VirtualHost>

Now we're rocking! Any access to any of the information in the specified folder (AuthName) requires the user to log in to the server correctly, with the dialog box (as shown in Figure 1) popped up and the account/password information compared against the contents of the AuthUserFile as shown above.

... ... ... 

DNS Tools  dns_tree is a command-line-based front-end to dig.

It replaces the several dig invocations necessary to fetch a zone, and it formats the output in a somewhat sensible hierarchical style (a tree). dns_browse is a GUI front-end to dns_tree. It allows point-and-click DNS browsing and makes it easy to expand/compress hierarchies in one or more DNS zones. dns_tree requires dig and Perl 5.002 or later. dns_browse requires Tk-4.2 or later.

cron.pl A simple emulation for the Unix cron utility. Written by Scott McMahan.

[Oct 10, 2001] Algorithm::Diff Algorithm::Diff will find the differences between two lists or two files. It finds the differences `intelligently': Given two files, it finds the *smallest* set of changes that will turn one file into the other.

Creating Scalable Vector Graphics with Perl
Kip Hampton demonstrates how to use Perl, XML, and SVG to generate useful and attractive graphics dynamically. [XML.com]

http://www.perl.com/pub/a/2001/06/13/recdecent.html  Parse::RecDescent Tutorial Parse::RecDescent is a recursive descent parser generator designed to help to Perl programmers who need to deal with any sort of structured data, from configuration files to mail headers to almost anything. It's even been used to parse other programming languages for conversion to Perl. Jeff Goff explains what Parse::RecDescent does, how to build up grammars, and how to use Parse::RecDescent in your programs.

http://www.perl.com/pub/a/2001/06/27/ctoperl.html Why Not Translate Perl to C? Mark-Jason Dominus explains why it might not be any faster to convert your code to a C program rather than let the Perl interpreter execute it.

[Jul 20, 2001]  A Tiny Perl Server Pages Engine

Perl Server Pages is a small-footprint Perl-based cross-platform JSP-like facility for generating dynamic pages. It runs on both UNIX and Windows.

[Jun 17, 2001] Parse::RecDescent is a recursive descent parser generator designed to help to Perl programmers who need to deal with any sort of structured data, from configuration files to mail headers to almost anything. It's even been used to parse other programming languages for conversion to Perl. Jeff Goff explains what Parse::RecDescent does, how to build up grammars, and how to use Parse::RecDescent in your programs.

[Jun 30, 2001]Why Not Translate Perl to C? Mark-Jason Dominus explains why it might not be any faster to convert your code to a C program rather than let the Perl interpreter execute it.

[Jun 17, 2001]  Secret Tools LG #67

xclip by Kim Saunders

Xclip is a very simple app. Why it wasn't available to Linux users until now is beyond me.

Quite simply, it allows you to place whatever you wish into the clipboard. Period.

A simple example. Suppose you want to send your friend a directory listing; no problem. Just type "ls | xclip" at your nearest console and then middle-click to paste into your email. In fact any program's std out can be piped to xclip: 'whois', 'showbook.pl' whatever.

In combination with a script to grab the currently selected text it becomes even more useful. Suppose you've just typed an unsorted list, but you want it sorted alphabetically. Highlight the list with the mouse, press, say, alt-shift-S and then middle-click to paste in the freshly sorted list! This trick can be used to do any number of things: sum a column of numbers, make banner-style comment blocks, quick-notes...

Here's a python script which uses the wxWindows library to do all of the above. Just attach it to different hotkeys using the appropriate command line switch (e.g. 'clipmanip.py -c' to create comment blocks).

showbook.pl

showbook.pl
by Guido Socher

This little gem is indispensable if you have a lot of bookmarks. showbook.pl parses your Netscape bookmark file and returns the URLs it finds there. In fact, it's so useful that even though I haven't used Netscape in a couple of months I export my bookmarks file from Konqueror every once in a while just so I can keep using it! (nb: Konqueror mangles the syntax slightly, so you'll need to run Netscape once and explicitly save bookmarks to sort things out.)

Here's a sample search using showbook.pl:

[paul@oremus paul]$ showbook.pl wxwin
== Misc ==
<A HREF="http://web.ukonline.co.uk/julian.smart/wxwin/">wxWindows</A>

[May 4, 2001]  Some useful links

• ***** A complete online archive of Andrew Johnson's Perl newsletters:
•  Managing terabytes of data
• Perl Objects and Regular Expressions

[Apr 15, 2001] Alex Harford: Writing Your Own Gimp_Perl Scripts

"Once you have become familiar with the basics of Perl, you can move on to creating Perl scripts for the Gimp. This section will outline the creation of a fairly simple script, incidentally, the one I used to create the logos on my homepage. Gimp_Perl is perfect for this.

See also

A Simple Gnome Panel Applet
Build a useful Gnome application in an afternoon! Joe Nasal explains some common techniques, including widget creation, signal handling, timers, and event loops.

DBI is OK
Chromatic makes a case for using DBI and shows how it works well in the same situations as DBIx::Recordset.

Being an FTP Client You want to connect to an FTP server and get or put files. You might want to automate the one-time transfer of many files or automatically mirror an entire section of an FTP server, for example.Perl-Tk (pedantic) porting pronouncements

[Mar 20, 2001] Robert's Perl Tutorialn -- short and weak

[Mar 20, 2001]  Introduction to Perl