|
Best way to differentiate accounts with one set of scripts?
Hi,
I'm creating a series of Perl scripts that make up an entire web site. It works fine, but now I'd like to change it such that I can "replicate" this entire web site for multiple accounts for various customers. I don't want to make copies of the scripts for each hosted account, because errors and enhancements will then need to be replicated across multiple copies -- a maintenance nightmare. I thought about requiring users to "log in" first, and creating a cookie that contains their account name. Then when each script runs, it looks at the cookie and gets the account name and uses that to set variables for unique directories and files where that account's data would be stored, thus giving each account a unique data area. Is there a better way to do this that doesn't involve using cookies such that the scripts could determine which user account was in effect when it was run so it could look at the correct data location for that account? Thanks in advance for any ideas... -- Vinnie |
Re: Best way to differentiate accounts with one set of scripts?
Vinnie Murdico wrote:
> I'm creating a series of Perl scripts that make up an entire web > site. It works fine, but now I'd like to change it such that I can > "replicate" this entire web site for multiple accounts for various > customers. > > I don't want to make copies of the scripts for each hosted account, > because errors and enhancements will then need to be replicated > across multiple copies -- a maintenance nightmare. > > I thought about requiring users to "log in" first, and creating a > cookie that contains their account name. Then when each script > runs, it looks at the cookie and gets the account name and uses > that to set variables for unique directories and files where that > account's data would be stored, thus giving each account a unique > data area. > > Is there a better way to do this that doesn't involve using cookies > such that the scripts could determine which user account was in > effect when it was run so it could look at the correct data > location for that account? I'm assuming that the scripts are running as CGI scripts. Provided that suEXEC or a CGI wrap is enabled, the home directory can be grabbed via the getpwuid() function: my $homedir = (getpwuid $<)[7]; But how do you ensure that the scripts are accessed via the 'right' URL? Maybe not a usable idea, after all... -- Gunnar Hjalmarsson Email: http://www.gunnar.cc/cgi-bin/contact.pl |
Re: Best way to differentiate accounts with one set of scripts?
"Vinnie Murdico" <invalid@invalid.com> wrote:
> Hi, > > I'm creating a series of Perl scripts that make up an entire web site. > It works fine, but now I'd like to change it such that I can "replicate" > this entire web site for multiple accounts for various customers. I think you first need to decide on a security model, then only once you have done that does it make sense to worry about this type of detail. > I don't want to make copies of the scripts for each hosted account, > because errors and enhancements will then need to be replicated across > multiple copies -- a maintenance nightmare. Where is the nightmare? foreach (@foo) { system "rm /blah/blah/$_/*.cgi"; system "cp *.cgi /blah/blah/$_/"; } I don't see how this solves anything, but I also don't see how it causes any problems. > I thought about requiring users to "log in" first, and creating a cookie > that contains their account name. Then when each script runs, it looks > at the cookie and gets the account name and uses that to set variables > for unique directories and files where that account's data would be > stored, thus giving each account a unique data area. Cookies are easy to spoof. Would your customers be happy with the fairly low level of security that this would provide? > Is there a better way to do this that doesn't involve using cookies such > that the scripts could determine which user account was in effect when > it was run so it could look at the correct data location for that > account? First you need to make the policy decision of how to authenticate users. Once you have them authenticated, it probably won't be all that hard to do the rest. Xho -- -------------------- http://NewsReader.Com/ -------------------- Usenet Newsgroup Service $9.95/Month 30GB |
| All times are GMT. The time now is 06:33 AM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.