Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Perl Misc (http://www.velocityreviews.com/forums/f67-perl-misc.html)
-   -   Best way to differentiate accounts with one set of scripts? (http://www.velocityreviews.com/forums/t887669-best-way-to-differentiate-accounts-with-one-set-of-scripts.html)

Vinnie Murdico 08-17-2004 06:17 PM

Best way to differentiate accounts with one set of scripts?
 
Hi,

I'm creating a series of Perl scripts that make up an entire web site.
It works fine, but now I'd like to change it such that I can "replicate"
this entire web site for multiple accounts for various customers.

I don't want to make copies of the scripts for each hosted account,
because errors and enhancements will then need to be replicated across
multiple copies -- a maintenance nightmare.

I thought about requiring users to "log in" first, and creating a cookie
that contains their account name. Then when each script runs, it looks
at the cookie and gets the account name and uses that to set variables
for unique directories and files where that account's data would be
stored, thus giving each account a unique data area.

Is there a better way to do this that doesn't involve using cookies such
that the scripts could determine which user account was in effect when
it was run so it could look at the correct data location for that
account?

Thanks in advance for any ideas...

-- Vinnie



Gunnar Hjalmarsson 08-17-2004 06:55 PM

Re: Best way to differentiate accounts with one set of scripts?
 
Vinnie Murdico wrote:
> I'm creating a series of Perl scripts that make up an entire web
> site. It works fine, but now I'd like to change it such that I can
> "replicate" this entire web site for multiple accounts for various
> customers.
>
> I don't want to make copies of the scripts for each hosted account,
> because errors and enhancements will then need to be replicated
> across multiple copies -- a maintenance nightmare.
>
> I thought about requiring users to "log in" first, and creating a
> cookie that contains their account name. Then when each script
> runs, it looks at the cookie and gets the account name and uses
> that to set variables for unique directories and files where that
> account's data would be stored, thus giving each account a unique
> data area.
>
> Is there a better way to do this that doesn't involve using cookies
> such that the scripts could determine which user account was in
> effect when it was run so it could look at the correct data
> location for that account?


I'm assuming that the scripts are running as CGI scripts. Provided
that suEXEC or a CGI wrap is enabled, the home directory can be
grabbed via the getpwuid() function:

my $homedir = (getpwuid $<)[7];

But how do you ensure that the scripts are accessed via the 'right'
URL? Maybe not a usable idea, after all...

--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl

ctcgag@hotmail.com 08-17-2004 07:42 PM

Re: Best way to differentiate accounts with one set of scripts?
 
"Vinnie Murdico" <invalid@invalid.com> wrote:
> Hi,
>
> I'm creating a series of Perl scripts that make up an entire web site.
> It works fine, but now I'd like to change it such that I can "replicate"
> this entire web site for multiple accounts for various customers.


I think you first need to decide on a security model, then only once you
have done that does it make sense to worry about this type of detail.

> I don't want to make copies of the scripts for each hosted account,
> because errors and enhancements will then need to be replicated across
> multiple copies -- a maintenance nightmare.


Where is the nightmare?

foreach (@foo) {
system "rm /blah/blah/$_/*.cgi";
system "cp *.cgi /blah/blah/$_/";
}

I don't see how this solves anything, but I also don't see how it
causes any problems.

> I thought about requiring users to "log in" first, and creating a cookie
> that contains their account name. Then when each script runs, it looks
> at the cookie and gets the account name and uses that to set variables
> for unique directories and files where that account's data would be
> stored, thus giving each account a unique data area.


Cookies are easy to spoof. Would your customers be happy with the
fairly low level of security that this would provide?

> Is there a better way to do this that doesn't involve using cookies such
> that the scripts could determine which user account was in effect when
> it was run so it could look at the correct data location for that
> account?


First you need to make the policy decision of how to authenticate users.
Once you have them authenticated, it probably won't be all that hard to do
the rest.

Xho

--
-------------------- http://NewsReader.Com/ --------------------
Usenet Newsgroup Service $9.95/Month 30GB


All times are GMT. The time now is 11:39 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.