def serve_html_info():
# Read POST data if we got any. Thank you Hazel! ╰(◕ ᗜ ◕ )╯
posted_bytes = os.environ.get("CONTENT_LENGTH", 0)
posted = None
if posted_bytes:
posted = sys.stdin.read(int(posted_bytes))
# cardboard-thin authentication!
if secret.username in posted and secret.password in posted:
# set a cookie
print('Set-Cookie: auth='+str(True))
print('Content-Type: text/html')
print()
print("""
<!doctype html>
<html>
<body>
<h1>Lab 3</h1>""")
# Display browser info
print(f"<p>HTTP_USER_AGENT: {os.environ['HTTP_USER_AGENT']}</p>")
# Display query string info
# example query: ?name="hugh"&second="two"
print(f"<p>QUERY_STRING: {os.environ['QUERY_STRING']}</p>")
query = os.environ['QUERY_STRING']
if '&' in query and '=' in query:
print("<ul>")
for parameter in os.environ['QUERY_STRING'].split('&'):
(name, value) = parameter.split('=')
print(f"<li><em>{name}</em> = {value}</li>")
print(f"</ul>")
# Display the POST from the form
if posted:
print(f"<p>POSTED: <pre>")
for line in posted.splitlines():
print(line)
print("</pre></p>")
# Display a login form OR a secret page if we're logged in
if os.environ['HTTP_COOKIE']:
# NOTE: only works for one cookie
(cookie, value) = os.environ['HTTP_COOKIE'].split('=')
if cookie=="auth" and value=="True":
# probably incorrect (should pass from `posted` instead?)
print(templates.secret_page(secret.username, secret.password))
else:
print("<p>Cookie is incorrect somehow</p>")
else:
this_script = __file__.split('/')[-1:][0] # E.Big stackoverflow.com/a/46390072
print(templates.login_page(this_script)) # pass in this script's name
print("""
</body>
</html>
""")
def main():
cookies = find_cookeis()
# print()
if (len(cookies) > 1):
#print("username: "******"password: "******"username") == secret.username
and form.getvalue("password") == secret.password):
print("Set-Cookie:username = "******"username") +
";")
print("Set-Cookie:password = "******"password") +
";")
print('Content-Type: text/html')
print()
print(templates.secret_page(secret.username, secret.password))
# print('''<!doctype html>
# <html>
# <body>''')
# print("<b>"+"Logged in as: " + form.getvalue("username")+"</b>")
# print('''<ul> ''')
# print("<li> <b>"+"username : "******"username")) + "</b> </li>")
# print("<li> <b>"+"password: "******"password")) + "</b> </li>")
# print('''</ul> ''')
# print("<b>refresh page to see if the cookies work. i sent them to the template page!</b>")
# print('''
# </body>
# </html>''')
else:
print('Content-Type: text/html')
print()
print(templates.after_login_incorrect())
# print("<li><em>{0}</em> = {1}</li>".format(name, value))
# Part 3
# print("<p> Browser={} </p>".format(os.environ['HTTP_USER_AGENT']))
# Part 4
print("""
<form method="POST" action="hello.py">
<label> <span>Username:</span> <input autofocus type="text" name="username"></label> <br>
<label> <span>Password:</span> <input type="password" name="password"></label>
<button type="submit"> Login! </button>
</form>
""")
print("<h1>Username: {}</h1>".format(user))
print("<h1>Password: {}</h1>".format(pwd))
print("""
<ul>
</ul>
</body>
</html>
""")
# Part 6
else:
if (c_username):
page = templates.secret_page(c_username, c_password)
else:
page = templates.secret_page(user, pwd)
print(page)
#!/usr/bin/env python3
import templates
import cgi, cgitb
import secret
# import Cookie
print('Content-Type: text/html')
form = cgi.FieldStorage()
n = form.getvalue('username')
p = form.getvalue('password')
if(n == secret.username and p == secret.password):
print("Set-Cookie:username = "******";")
print("Set-Cookie:password = "******";\r\n")
# cookie["username"] = n
# cookie["password"] = p
print(templates.secret_page(n, p))
print()
print(templates.login_page())
print("")
print("")
print("username you entered: %s, password you entered: %s" % (n, p))
SET_COOKIES_MANUALLY = False
if SET_COOKIES_MANUALLY:
# get cookies first
cookies = os.environ.get("HTTP_COOKIE").strip("auth").strip("=")
if cookies:
# parse
for cookie in cookies.split("&"):
(key, value) = cookie.split("=")
if key not in auth.keys():
auth[key] = value
auth_keys = auth.keys()
if "username" in auth_keys and "password" in auth_keys:
# this means cookies exists, also must mean the username and password are valid
print("Content-Type: text/html\r\n")
print(templates.secret_page(auth["username"], auth["password"]))
# cannot find cookies
else:
# get username and password from POST request then
posted_bytes = os.environ.get("CONTENT_LENGTH", 0)
if posted_bytes:
posted = sys.stdin.read(int(posted_bytes))
for line in posted.splitlines():
for each in line.split("&"):
(key, value) = each.split("=")
if key not in auth.keys():
auth[key] = value
auth_keys = auth.keys()
if "username" in auth_keys and "password" in auth_keys:
if auth["username"] == secret.username and auth[
"password"] == secret.password:
print('Content-Type: text/html')
if u == secret.username and w == secret.password:
print('Set-Cookie: username={u}\nSet-Cookie: password={w}'.format(u=u,
w=w))
c = SimpleCookie(os.environ['HTTP_COOKIE'])
cu = None
cw = None
if c.get('username'): cu = c.get('username').value
if c.get('password'): cw = c.get('password').value
if cu == secret.username and cw == secret.password:
u = cu
w = cw
logged_in = (u == secret.username and w == secret.password)
print()
if logged_in:
print(secret_page(username=u, password=w))
elif (w or u):
print(after_login_incorrect())
else:
print(login_page())
#if (w or u):
# print('<h1>Effective login</h1>')
# print('Username = {u}<br />Password = {w}'.format(u=u, w=w))
match_pass = None
cookie_ok = match_user == username and match_pass == password
if match.get("username"):
match_user = match.get("username").value
if match.get("password"):
match_pass = match.get("password").value
if cookie_ok:
new_user = match_user
new_pass = match_pass
print("Content-Type: text/html")
if stat_ok:
print(f"Set-Cookie: username={username}")
print(f"Set-Cookie: password={password}")
print()
if not new_user and not new_pass:
print(login_page())
elif new_user == username and new_pass == password:
print(secret_page(new_user, new_pass))
else:
print(after_login_incorrect())
print()
# Lines from 74 to 80 are from Zeo Riell, 2021
# Q7
# C = cookies.SimpleCookie(os.environ["HTTP_COOKIE"])
# user_c = None
# pwd_c = None
# if C.get("UserID"):
# user_c = C.get("UserID").value
# if C.get("UserPassword"):
# pwd_c = C.get("UserPassword").value
user_c = None
pwd_c = None
if os.environ['HTTP_COOKIE']:
cookie = os.environ['HTTP_COOKIE'].split(';')
user_c = str(cookie[0].split('=')[1])
pwd_c = str(cookie[1].split('=')[1])
# if no any correct input received and has no correct cookies -> login page
if not (user == username and pwd == password) and not (user_c == username
and pwd_c == password):
print(login_page())
else:
if (user_c or pwd_c):
print(secret_page(user_c, pwd_c))
else:
print(secret_page(user, pwd))
#4
print(login_page())
s=cgi.FieldStorage()
username=s.getfirst("username")
password=s.getfirst("password")
#5
form_ok=username==secret.username and password==secret.password
c=SimpleCookie(os.environ["HTTP_COOKIE"])
c_username=None
c_password=None
if c.get("username"):
c.username=c.get("username").value
if c.get("password"):
c.password=c.get("password").value
cookie_ok=c_username==secret.username and password==secret.password
if cookie_ok:
username=c_username
password=c_password
if form_ok:
print("Set-Cookie:username="******"Set-Cookie:password=", password)
#6
if not username and not password:
print(login_page())
elif username==secret.username and password==secret.password:
print(secret_page(suername,password))
else:
print(after_login_incorrect())
print()
import os
import sys
import templates
import secret
import time
u_query = "username="******"&password="******"HTTP_COOKIE" in os.environ:
cookies = os.environ["HTTP_COOKIE"].split('; ')
if "secret=true" in cookies:
print(templates.secret_page(secret.username, secret.password))
posted_bytes = os.environ.get("CONTENT_LENGTH", 0)
if posted_bytes:
posted = sys.stdin.read(int(posted_bytes))
# Report the values of the POSTed data in the HTML
# print("Content-Type: text/html")
# print()
# print(f"<p> POSTED: <pre>")
# print(posted)
# print("</pre></p>")
# Modify to set a cookie if the login is correct
username = posted[len(u_query):posted.find(p_query)]
password = posted[posted.find(p_query) + len(p_query):]
if username == secret.username and password == secret.password:
print(f"Set-Cookie: secret=true")
print(templates.secret_page(secret.username, secret.password))
else:
form_ok = username == secret.username and password == secret.password
c = SimpleCookie(os.environ["HTTP_COOKIE"])
c_username = None
c_password = None
if c.get('username'):
c_username = c.get('username').value
if c.get('password'):
c_password = c.get('password').value
cookie_ok = c_username == secret.username and c_password == secret.password
if cookie_ok:
username = c_username
password = c_password
if form_ok:
print("Set-Cookie: username = "******"Set-Cookie: password = "******"<!doctype html><title>Hello</title><h2>Hello World</h2>")
print('Content-Type: text/html')
cookies = os.environ.get("HTTP_COOKIE", 0)
if cookies != "":
key, val = cookies.split("=")
cookieUsername, cookiePassword = val.split("&")
# Code for getting POST data taken from lab 3 tips
posted_bytes = os.environ.get("CONTENT_LENGTH", 0)
if posted_bytes:
posted = sys.stdin.read(int(posted_bytes))
for line in posted.splitlines():
username, password = line.split("&")
username = username.split("=")[1]
password = password.split("=")[1]
if username == cookieUsername and password == cookiePassword:
html += templates.secret_page(username, password)
html += """
</body>
</html>
"""
#if there are no cookies then show login page
else:
# Code for getting POST data taken from lab 3 tips
posted_bytes = os.environ.get("CONTENT_LENGTH", 0)
if posted_bytes:
posted = sys.stdin.read(int(posted_bytes))
html += ("<p> POSTED: <pre>")
for line in posted.splitlines():
html += line
html += "</pre></p>"
#!/usr/bin/env python3
import cgi
import cgitb
import json
from templates import login_page, secret_page
from secret import username, password
cgitb.enable()
print("Content-Type: text/html")
#print(login_page())
#form = cgi.FieldStorage()
form = cgi.FieldStorage()
user1 = form.getvalue("username")
password1 = form.getvalue("password")
print(user1)
print(password1)
if p_user == username and p_password == password:
print(secret_page(p_user, p_password))
else:
print(login_page())
import cgi
import cgitb
cgitb.enable()
# Getting form cgi values
# From Nosklo https://stackoverflow.com/users/17160/nosklo
# From StackOverflow
# From https://stackoverflow.com/a/464977
form = cgi.FieldStorage() # can handle POST too
input_username = form.getvalue('username')
input_password = form.getvalue('password')
if (input_username == username and input_password == password):
print("Set-Cookie: is_logged_in=true")
print("Content-Type: text/html\n")
print()
for parameter in os.environ["HTTP_COOKIE"].split(';'):
name, value = parameter.split("=")
if value == "true":
print("""<!doctype html>
<html>
<body>
""")
print(secret_page(input_username, input_password))
print("""
</body>
</html>
""")
print()
if len(os.environ['QUERY_STRING']) > 0:
print(f"<p> QUERY_STRING: {os.environ['QUERY_STRING']}")
for parameter in os.environ['QUERY_STRING'].split('&'):
(name, value) = parameter.split('=')
print(f"<li>{name}: {value}</li>")
# Show browser info
print(f"<p>Browser: {os.environ['HTTP_USER_AGENT']}</p>")
# Print secret form if cookie was set
if os.environ['HTTP_COOKIE']:
for key_value in os.environ['HTTP_COOKIE'].split(';'):
k, v = key_value.strip().split('=')
if k == 'user':
user = v
elif k == 'pwd':
pwd = v
print(templates.secret_page(username=user, password=pwd))
# login form (if no cookies)
else:
print(templates.login_page())
# Debug
print(json.dumps(dict(os.environ), indent=2))
# end
print("""</body>
</html>
""")
c_username = None
c_password = None
cookie_string = os.environ.get("HTTP_COOKIE")
cookie_kvs = cookie_string.split("; ")
if cookie_kvs:
for kv in cookie_kvs:
k, v = cookie_kvs.split('=')
if k == "username":
c_username = v
if k == "password":
c_password = v
if c_username and c_password:
print()
print(secret_page(c_username, c_password))
# render the login form
print("Content-Type: text/html")
if request_type == "POST":
if f_username == username and f_password == password:
# LOGIN OK, SET COOKIE
print("Set-Cookie: username={};".format(f_username))
print("Set-Cookie: password={}".format(f_password))
print()
print(secret_page(f_username, f_password))
else:
print()
print(after_login_incorrect())
else:
print()
import cgi
import cgitb
cgitb.enable()
import templates
from secret import username, password
print("Content-Type: text/html")
if os.environs.get("REQUEST_METHOD", "GET") != "GET":
form = cgi.FieldStorage()
f_username = form.getfirst("username", "")
f_password = form.getfirst("password", "")
if f_username == username and f_password == password:
print("Set-Cookie: username={};".format(f_username))
print("Set-Cookie: password={}".format(f_password))
print()
print()
print(templates.secret_page(f_username, f_password))
else:
print()
print()
print(templates.after_login_incorrect())
else:
print()
print()
print(templates.login_page())
import secret
cgitb.enable()
# check cookie for login
username = password = None
cookies = os.environ.get("HTTP_COOKIE")
cookies = cookies.split(';')
for cookie in cookies:
cookie = cookie.strip()
if 'username' in cookie:
username = cookie.split('=')[1]
elif "password" in cookie:
password = cookie.split('=')[1]
if username and password:
print(templates.secret_page(username, password))
elif os.environ.get("REQUEST_METHOD", "GET") == "POST": # no cookies was set
form = cgi.FieldStorage()
if "username" not in form or "password" not in form:
print("<H2>Error</H2>")
print("Please fill in the name and addr fields.")
else:
username = form["username"].value
password = form["password"].value
print("<p>")
print("username:"******"username"].value)
print("password:"******"password"].value)
print("</p>")
input_username = temp_list[0].split("=")[1]
input_password = temp_list[1].split("=")[1]
print('Content-Type: text/html')
if (input_username == secret.username) and (input_password
== secret.password):
# store the cookies
print("Set-Cookie: username={}".format(input_username))
print("Set-Cookie: password={}".format(input_password))
print()
cookie_username = ""
cookie_password = ""
C = cookies.SimpleCookie(os.environ["HTTP_COOKIE"])
# read the info in the cookie
if (C.get("username")):
cookie_username = C.get("username").value
if (C.get("password")):
cookie_password = C.get("password").value
if (cookie_username == secret.username and cookie_password == secret.password):
# if it has the correct cookie already
print(secret_page(cookie_username, cookie_password))
elif (secret.username == input_username and input_password == secret.password):
print(secret_page(input_username, input_password))
else:
print(login_page())
password = s.getfirst('password')
#print(username, password)
form_ok = username == secret.username and password == secret.password
c = SimpleCookie(os.environ['HTTP_COOKIE'])
c_username = None
c_password = None
if c.get("username"):
c_username = c.get('username').value
if c.get("password"):
c_password = c.get('password').value
cookie_ok = c_username == secret.username and c_password == secret.password
if cookie_ok:
username = c_username
password = c_password
if form_ok:
print("Set-Cookie: username="******"set-Cookie: password=", password)
print()
if not username and not password:
print(login_page())
elif username == secret.username and password == secret.password:
print(secret_page(username, password))
else:
print(after_login_incorrect())
cookies = os.environ['HTTP_COOKIE']
cookies = cookies.split(';')
for cookie in cookies:
keyValue = cookie.split('=')
if keyValue[0] == "UserID":
user_id = keyValue[1]
if keyValue[0] == "Password":
cookiePass = keyValue[1]
return user_id, cookiePass
u, p = checkCookies()
posted_bytes = os.environ.get("CONTENT_LENGTH", 0)
if posted_bytes:
posted = sys.stdin.read(int(posted_bytes))
for line in posted.splitlines():
lineSplit = line.split('&')
u = lineSplit[0].split('=')[1]
p = lineSplit[1].split('=')[1]
login(u, p)
print("Content-Type: text/html\r\n\r\n")
if u == "":
print(login_page())
else:
print(os.environ['HTTP_COOKIE'])
print(secret_page(u, p))