How to redirect using Perl?

Question

I am new to Perl and I am trying to redirect a user to another page on my server when he enters the right password. The page that I want to redirect to (hello.pl) is in the same directory as my Perl script for the page; however when I try to redirect all I get is a message:

Status: 302 Found Location: hello.pl

But the browser doesn't actually go to the hell0.pl which is what I want. I looked online and in the Perl books but it looks that I'm doing everything right, can someone tell me why my code isn't redirecting? Here's the code for it: I omitted the code for setting up page and getting user input stored in $var ie I did $var = CGI->new at the top of the file, also I am using CGI.pm as a library.

#!/usr/bin/perl -wT
use strict;

use CGI qw(:standard);

print header,
      start_html("Input Form"),
      start_form,
      "Please enter your username:",
      textfield(-name=>'username',
                      -maxlength=>20),p,
      "Please enter your password:",
      password_field(-name=>'password',
                      -maxlength=>20),p,
      submit,
      end_form,
      hr, "\n";

my $var = CGI->new;
my $username  = $var->param("username");
my $password  = $var->param("password");

my $open = "opensesamie";

  if ($password ne $open) {
          print "Sorry wrong password";
  } else {
          print $var->redirect('hello.pl');
          print $var->start_html,p,
          "Hello, $username",p,
          "The current time is ",scalar(localtime),
          $var->end_html;
  }

print end_html;

Answer 1

You are outputting two headers. Don't use both header and redirect for the same request.

#!/usr/bin/perl -wT
use strict;

use CGI qw(:standard);

my $cgi = CGI->new;
my $username  = $cgi->param("username");
my $password  = $cgi->param("password");

if ($password eq "opensesamie") {
   print $cgi->redirect('hello.pl');
   exit();
}

print header;
print start_html("Please Login");
print p({-class => "error"}, "Incorrect password") if $password;
print ... print the form here ...;

Answer 2

Sorry for the delay - I have had to set up a working HTTP server to test my code.

Thank you for posting your full code. It is as I guessed - you have started a message at the top of your program and then added the redirect output to it, whereas you need only the redirect output sent to the client.

I think this is what you need. It checks to see if both the username and password parameters have been sent. If not then the form must be displayed to ask for them. If so then either an error message must be sent if the password is wrong, or a redirect if it is right.

#!/usr/bin/perl

use strict;
use warnings;

use CGI qw(:standard);

my %names = map { $_ => 1 } param;
my $open  = 'opensesamie';

if ($names{username} and $names{password}) {

   my $username = param('username');
   my $password = param('password');

   if ($password eq $open) {
      print
         header,
         start_html,
         p('Sorry, wrong password'),
         end_html;
   }
   else {
      print redirect('hello.pl');
   }
}
else {

   print
      header,
      start_html('Input Form'),
      start_form,
         p('Please enter your username:'),
         textfield( -name => 'username', -maxlength => 20),
         p('Please enter your password:'),
         password_field( -name => 'password', -maxlength => 20),
         p,
         submit,
      end_form,
      hr,
      end_html;
}

Answer 3

I think you have something like this.

Have you started the HTTP print statements somewhere before the if that tests the password? That would make the headers that print $cgi->redirect just part of the HTML text.

use strict;
use warnings;

use CGI;

my %passwords;

my $cgi = CGI->new;

my $username = $cgi->param('username');
my $password = $cgi->param('password');

print
   $cgi->header,
   $cgi->start_html;

if ($password ne $open) {
   print 'Sorry wrong password';
}
else {
   print $var->redirect('hello.pl');
   print
      $var->start_html, p,
      "Hello, $username", p,
      "The current time is ", scalar(localtime),
      $var->end_html;
}      

You need to separate the success/failure completely, like this

use strict;
use warnings;

use CGI;

my %passwords;

my $cgi = CGI->new;

my $username = $cgi->param('username);
my $password = $cgi->param('password);

my $open = $passwords{$username};

if ($password ne $open) {
   print
      $cgi->header,
      $cgi->start_html;
      $cgi->p('Sorry wrong password'),
      $cgi->end_html;
}
else {
   print $var->redirect('hello.pl');
}