Menu

drum-circle-web-server

Roger B. Dannenberg

Web Server

Pages on the web server all begin with the prefix http://www.music.cs.cmu.edu/. Here are the pages and what they do:

  • drumcircle/AdminLogin.php -- administer users.
  • drumcircle/AdminLogout.php -- administrator logout
  • drumcircle/AdminChangePassword.php -- ?
  • drumcircle/AdminPort.php -- ?
  • drumcircle/client.php -- used by a client program to look up the IP address and port number for the drum server.
  • drumcircle/register.html -- register a new member, uses form.js.
  • drumcircle/start.html -- run the drum server in cgi-bin/DrumServer.py.

Security

This is not a secure system. Users should not use passwords that are used on other sites.

The security scheme is simple: You log in with an AID (admin ID) and a password. The password is checked in the database. If it matches, cookies are set with the name and a random token, and the random token is also stored in the database. On subsequent page visits, the server page checks that the random token in the cookie matches the random token stored in the database for the given name. If no match, the user is prompted to log in.

Related

Wiki: drum-circle-home

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.