I can let you have a simple PERL solution (below) but be aware that it is anything but secure as anyone can access the data file if they know what it's called and where it's located. I would suggest that you name it something obscure that no-one would ever guess at. Also, I'm assuming that you know about PERL and that you can fill in all the required gaps in the sample script. Let me know if any of this is ambiguous or if I'm making too many assumptions.
Phil Wills
### Sample HTML file ###
<form method="POST" action="loginscript">
User name: <input type="text" name="username"><br>
Password: <input type="text" name="password"><br>
<input type="submit" value="Log in" name="submit">
</form>
### Sample data file ###
user1|password1|redirect parameters 1|
user2|password2|redirect parameters 2|
user3|password3|redirect parameters 3|
### Sample PERL script ###
#!/usr/bin/perl
$userlist = "/absolute/path/to/userlist.dat";
print "Content-type: text/html\n\n";
if ($ENV{'REQUEST_METHOD'} eq 'GET')
{
@pairs = split(/&/, $ENV{'QUERY_STRING'});
}
else
{
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
}
foreach $pair (@pairs)
{
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ s/<!--(.|\n)*-->//g;
$value =~ s/<([^>]|\n)*>//g;
$form{$name} = $value;
}
open (USERLIST, "$userlist"

;
@userlist = <USERLIST>;
close (USERLIST);
$matchfound = "no";
foreach $dataline (@userlist)
{
chomp $dataline;
($username, $password, $redirect) = split(/\|/, $dataline);
if ($username eq $form{username})
{
$matchfound = "yes";
}
last if ($username eq $form{username});
}
if ($matchfound eq "no"

{
&denyuser;
}
elsif ($form{password} ne $password)
{
&denypassword;
}
else
{
&displaypage;
}
sub displaypage
{
# Display the page which the user now has access to via the $redirect parameter string
exit;
}
sub denyuser
{
# Inform the user that they have entered an invalid user name
exit;
}
sub denypassword
{
# Inform the user that they have entered a valid user name but an invalid password
exit;
}