#!/usr/bin/perl -wuse CGI qw/:all/;use CGI::Carp qw/fatalsToBrowser warnin

1. #!/usr/bin/perl -w
2.  
3. use CGI qw/:all/;
4. use CGI::Carp qw/fatalsToBrowser warningsToBrowser/;
5.  
6. my $value = 99;
7.  
8. $max_number_to_guess = 99;
9.  
10. sub main() {
11. # print start of HTML ASAP to assist debugging if there is an error in the script
12. print page_header();
13.  
14. # Now tell CGI::Carp to embed any warning in HTML
15. warningsToBrowser(1);
16.  
17. $username = param('username') || '';
18. $password = param('password') || '';
19.  
20. # remove any non-word characters from username
21. # another malicious user could include ../ in username
22. $username =~ s/\W//g;
23. # limit username to 32 word characters
24. $username = substr $username, 0, 32;
25.  
26. # variable to check if user is authenticated
27. $check = 0;
28.  
29.  
30. if (!$username || !$password) {
31. print login_form();
32. print "hello world!\n";
33. }
34. #check username and password
35. if ($username ne '' && $password ne '') {
36. if (open(F, "<accounts/$username/password")) {
37. $line = <F>;
38. chomp $line;
39. if ($line eq $password) {
40. $check = 1;
41. $guess = param('guess') || '';
42. # remove any non-digit characters from guess
43. $guess =~ s/\D//g;
44.  
45. $number_to_guess = param('number_to_guess') || '';
46. $number_to_guess =~ s/\D//g;
47.  
48. if ($number_to_guess eq '') {
49. $number_to_guess = 1 + int(rand $max_number_to_guess);
50.  
51. print "I've thought of a number\n";
52. print guess_number_form($username, $password, $number_to_guess);
53. } elsif ($guess eq '') {
54. print guess_number_form($username, $password, $number_to_guess);
55. } elsif ($guess == 50) {
56. print "You guessed right, it was $number_to_guess.\n";
57. print guess_number_form($username, $password, $number_to_guess);
58. } elsif ($guess < 50) {
59. print "Its higher than $guess.\n";
60. print guess_number_form($username, $password, $number_to_guess);
61. } else {
62. print "Its lower than $guess.\n";
63. print guess_number_form($username, $password, $number_to_guess);
64. }
65. } else {
66. print "Incorrect password!\n";
67. }
68. } else {
69. print "Unknown username!\n";
70. }
71. }
72.  
73.  
74. print page_trailer();
75. }
76.  
77. # form to allow user to supply username/password
78.  
79. sub login_form {
80. return <<eof;
81. <form method="POST" action="">
82. Username: <input type="textfield" name="username">
83. <p>
84. Password: <input type="password" name="password">
85. <p>
86. <input type="submit" value="Login">
87. </form>
88. eof
89. }
90.  
91. #
92. # form to allow user to guess a number
93. #
94. # Pass username & password to next invocation as hidden
95. # field so user doesn't have to login again
96. #
97.  
98. sub guess_number_form {
99. my ($username, $password, $number_to_guess) = @_;
100. return <<eof;
101. <form method="POST" action="">
102. Enter a guess between 1 and $max_number_to_guess (inclusive):
103. <input type="textfield" name="guess">
104. <input type="hidden" name="username" value="$username">
105. <input type="hidden" name="password" value="$password">
106. <input type="hidden" name="number_to_guess" value ="$number_to_guess">
107. </form>
108. eof
109. }
110.  
111. #
112. # form to allow user to go to a new game
113. #
114. sub new_game_form {
115. my ($username, $password) = @_;
116. return <<eof;
117. <form method="POST" action="">
118. <input type="submit" value="Play Again">
119. <input type="hidden" name="username" value="$username">
120. <input type="hidden" name="password" value="$password">
121. </form>
122. eof
123. }
124.  
125.  
126.  
127. #
128. # HTML placed at the top of every page
129. #
130. sub page_header {
131. return <<eof
132. Content-Type: text/html;charset=utf-8
133.  
134. <!DOCTYPE html>
135. <html lang="en">
136. <head>
137. <title>Guess A Number</title>
138. </head>
139. <body>
140. eof
141. }
142.  
143. #
144. #print number functions
145. #
146.  
147.  
148. sub guess_text(){
149. print "I've thought of a number\n";
150. print "Enter a guess between 1 and 99 (inclusive):";
151. }
152.  
153. #
154. # HTML placed at the bottom of every page
155. #
156. sub page_trailer {
157. return "</body>\n</html>\n";
158. }
159.  
160.  
161. main();
162. exit(0);