In some of the previous tutorials, you’re already learned how to program simple sketches to remotely control leds, relays… today I’m going to show you how to secure those projects with the addition of apassword.
Web form
The webpage Arduino publishes contains a simple form, made by two buttons and an input field to type the password:
When you click the button, your browser sends to Arduino a POST command with the form data, besides some informations about the browser itself:
Notice in the screenshot above that data is concatenated using the & character and that the typed password is sent after the pwd= label.
Sketch
The program running on Arduino (you can find it in my repository on Github), do the following when it receives a new request from the network:
- checks if it is a POST request
- if so, extracts from the request’s body the password value and compares it with the one in memory
- if the two password match, it extracts also which button (ON|OFF) was pressed
- changes the output status
- returns the HTML page
In detail:
char* led_password = "SesamE";
the password is hardcoded in the sketch, by default it is SesamE
pinMode(led_pin, OUTPUT); digitalWrite(led_pin, LOW); led_status = false;
in the setup() the sketch initializes the PIN direction and the output status (off at first)
if(strstr((char *)Ethernet::buffer + pos, "POST /") != 0) {
then the sketch verifies – using the strstr() function – if the received packet contains the command POST /
char* password_position = strstr((char *)Ethernet::buffer + pos, "&pwd=");
if(password_position != 0) {
strcpy(password, password_position + 5);
if(strcmp(password, led_password) == 0) Serial.println("Valid password :)");
if so, the sketch searches for the string &pwd=; if that is found, it extracts the password and stores it in the password variable. The two passwords are then compared
if(strstr((char *)Ethernet::buffer + pos, "OFF=") != 0) {
digitalWrite(led_pin, LOW);
led_status = false;
if the password is correct and the packet contains the OFF= command, the output is switched off. A similar check is performed for the ON= command
if(led_status == true) bfill.emit_p(PSTR( [...]
in the end, the HTML page is created dinamically using two if:
- according to the output status, one of the two buttons is disabled (adding the disabled attribute)
- if the password is incorrect, a warning message is displayed
Demo
Here are two screenshots about this project, one with a correct password and one with a wrong one:
For more details,please refer to origianal post
http://www.lucadentella.it/en/2013/12/19/enc28j60-e-arduino-17/
Leave a Reply
You must be logged in to post a comment.