How to pass REMOTE USER env.var. value to cgi-bin script?

Forum Moderators: coopster & phranque

Message Too Old, No Replies

How to pass REMOTE USER env.var. value to cgi-bin script?

subj

Olana

7:19 am on Feb 19, 2007 (gmt 0)

Perl scripts are enabled to run in /cgi-bin/ only. I have another forder - basic auth. htaccess/password protected in the root too. Each page in this protected dir has a piece of code to launch a simple perl script resided in /cgi-bin/. The script creates a simple log file. How to pass auth data like REMOTE_USER from protected folder to the script to track visitors hits? Thanks.

phranque

9:55 am on Feb 19, 2007 (gmt 0)

assuming you are using the CGI.pm module, you can access all environment variables through the %ENV hash such as

use CGI;
my remoteUser = $ENV{REMOTE_USER};

as well as a set of environment methods such as

use CGI;
my $cgi = new CGI;
my remoteUser = $cgi->remote_user;

you can pass a pointer to the %ENV hash or just the required values as arguments to the scripts.

Olana

10:23 am on Feb 19, 2007 (gmt 0)

I've never used cgi.pm, and it's no need to use it here.

Sorry, may be I was not clear enough to understand me easily.

Suppose there are only 2 folders in the root: /cgi-bin/ and /protected/

"protected" is basic auth protected - you need to enter your username and pwd to access pages. All the pages in /protected/ folder are static. The job is to track each logged in user session.

there is a simple script in /cgi-bin/ to support a simple text file as log file. 5 min job to create. No problems to track users IP ($ENV{'REMOTE_ADDR'}), the page ($ENV{'HTTP_REFERER'}), and the time (time() function). Well, but /cgi-bin/ is not .htaccess protected, and due to this $ENV{'REMOTE_USER'} is empty there, of course.

Wnen I log in the /protected/ as user "olana", the /protected/index.html loaded in my browser, of course. And I see a new record in a simple .txt file in /cgi-bin/ folder :
...
Nobody¦my IP¦http://....index.htm¦1234567890

How to pass REMOTE_USER variable which is "olana" in /protected/ into the script so I'd see what i want:

...
olana¦my IP¦http://....index.htm¦1234567890

Olana

10:39 am on Feb 19, 2007 (gmt 0)

Addition (to be even more clear) :

1) the script, which is used to support a separate log file 'hitss.txt' :

####
#!/usr/bin/perl
use strict;
use warnings;
my($uflock) = 1;
my($im) = '../images/empty.gif';
my($logfile) = 'hitss.txt';

my($page) = $ENV{'HTTP_REFERER'} ¦¦ 'Unknown page';
my($uip) = $ENV{'REMOTE_ADDR'} ¦¦ 'Unrecognized IP';
my($userr) = $ENV{'REMOTE_USER'} ¦¦ $ENV{'REMOTE_IDENT'} ¦¦'Nobody';
my($tima) = time();
my($res) = $userr.'¦'.$page.'¦'.$uip.'¦'.$tima."\n";

open(FI, ">>$logfile") or die("Can not open $logfile to write!\nReason: $!");
if($uflock) { flock(FI, 2)}
print FI $res;
close(FI);

print "Content-Type: image/gif\n\n";
open(FI, $im) or die("Can not open $im!\nReason: $!");
print <FI>;
close(FI);
exit(1);
####

2) each static page in /protected/folder has this code in the very bottom :

....
<img src="../cgi-bin/hit.cgi" width="1" height="1" alt="">
</body></html>

How to attach REMOTE_USER var (intercepted by means of ssi, for example) to the script call? This'd be easy, of course, if i could to write simply something like <img src="../cgi-bin/hit.cgi?user=REMOTE_USER" width="1" height="1" alt="">, but obviously I can't.

phranque

10:53 am on Feb 19, 2007 (gmt 0)

2) each static page in /protected/folder has this code in the very bottom :
....
<img src="../cgi-bin/hit.cgi" width="1" height="1" alt="">
</body></html>
How to attach REMOTE_USER var (intercepted by means of ssi, for example) to the script call? This'd be easy, of course, if i could to write simply something like <img src="../cgi-bin/hit.cgi?user=REMOTE_USER" width="1" height="1" alt="">, but obviously I can't.

you should be able to do this in a SSI-like way such as:

<img src="../cgi-bin/hit.cgi?user=" width="1" height="1" alt="">

Olana

12:44 pm on Feb 19, 2007 (gmt 0)

Tnx ;) it works ;)

I did not try this because I was convinced that it'd be able to ECHO a var value may be. A lesson for me...

Thank you VERY MUCH again ;)))