#!/perl/bin/perl

# chkpwd.pl
# Verifies the password sent to it with what's
# in the password file.

# Get header files.

    require "html.pm" || die "Can't open Perl header files: $!\n";
    $PwdFileName = "password";        # Full path where needed.

# Check the REQUEST_METHOD to ensure that it's "POST".
# Complain and exit if it's not.

    if ($ENV{'REQUEST_METHOD'} ne "POST")
        {
        &HTML_Header ("Unauthorized entry!");
        print <<THE_END;
<BODY>
<H1 ALIGN="CENTER">Unauthorized entry attempt</H1>
<H1 ALIGN="CENTER">Goodbye!</H1>
</BODY>
THE_END

        &HTML_Footer;
        exit (0);
        }

# Method's OK. Get the data and try to open the password file
# and get the encrypted password.

    read (STDIN, $QueryString, $ENV{'CONTENT_LENGTH'});
    ($dummy, $PwdString) = split (/=/, $QueryString);
    open (PWD, $PwdFileName) ||
        die "Can't open $PwdFileName: $!\n";
    $EncryptedPwd = <PWD>;
    close (PWD);

# Run everybody by crypt().

    if (crypt ($PwdString, $EncryptedPwd) eq $EncryptedPwd)
        {
        &HTML_Header ("Welcome");
        print <<END_GOOD_PWD;
<BODY>
<H1 ALIGN="CENTER">Welcome to the restricted Web page</H1>
<HR>
<H2 ALIGN="CENTER">Your password must have worked...</H2>
</BODY>
END_GOOD_PWD

        &HTML_Footer;
        }
    else        # This handles an incorrect password.
        {
        &HTML_Header ("Incorrect password");
        print <<END_BAD_PWD;
<BODY>
<H1 ALIGN="CENTER">Incorrect password!</H1>
<HR>
<H2 ALIGN="CENTER">Hit the "Back" button and try again</H2>
</BODY>
END_BAD_PWD

        &HTML_Footer;
        }

#                    End chkpwd.pl