#!/opt/bin/perl -Tw

#++
# modified version of 
#   Fig. 27.25: password.pl
#   Program to search a database for usernames and passwords.
# from Internet & World Wide Web: How To Program by Deitel, Deitel, & Nieto
# (c) 2000 by Prentice-Hall, Inc.
#--

# --- include modules ---
use CGI qw(:standard);
    # CGI.pm documented at <URL:http://stein.cshl.org/WWW/software/CGI/>
    # :standard = basic features
use CGI::Carp 'fatalsToBrowser';
    # Carp      = error messages will appear in browser where you can
    #             see them.  Otherwise they're hidden in the log.

# --- include modules which modify perl (named pragmata) ---
use diagnostics; # verbose error messages
use strict;      # stops us from making stupid mistakes
$| = 1;          # flush output buffer after each output statement ...
                 # ... slower but helpful for output over the network

# --- declare a constant ---
use constant DB => "data.txt";

# --- declare variables --- 
my $username; 
my $password;
my @data;
my $entry;
my $name;
my $pass;
my $userverified;
my $passwordverified;


# --- main code begins ---
   $username = param('USERNAME');  # param() is from CGI.pm
   $password = param('PASSWORD');

   open(FILE, DB) ||
    die "The database \"" . DB . "\" could not be opened, error \"$!\"";

   while(<FILE>)
   {
      @data = split(/\n/);                     # each line is an element
                                               #   of the array ... and
                                               # ... split removes the 
                                               #   \n as a side-effect
      foreach $entry (@data)
      {
         ($name, $pass) = split(/,/, $entry);  # each line is a comma-
                                               #   delimited list         
         if($name eq "$username")
         {
            $userverified = 1;                 # 1 is not 0, so it is true
            if ($pass eq "$password")
            {
               $passwordverified = 1;
            }
         }
       }
   }
   close(FILE);

   if ($userverified && $passwordverified)
   {
      accessgranted();
   }
   elsif ($userverified && !$passwordverified)
   {
      wrongpassword();
   }
   else
   {
      accessdenied();
   }

# --- subs begin --- #

sub accessgranted
{
   print header;  # from CGI.pm, ...
                  # ... header is the MIME type identifier for the server
   print "<title>Thank You</title>";
   print "Permission has been granted $username.";
   print "<br /> Enjoy the site.";
} # accessgranted()

sub wrongpassword
{
   print header;
   print "<title>Access Denied</title>";
   print "You entered an invalid password.<br /> ";
   print "Access has been denied.";
   exit;

} # wrongpasssword()

sub accessdenied
{
   print header;
   print "<title>Access Denied</title>";
   print "You were denied access to this server.";
   exit;
} # accessdenied()