0

Can you tell me the input so that the check statement is passed along with the try..except of the input pin

#!/usr/bin/python
# Secure Pin system
import sys

users = {'admin': '<REDACTED>'}

def register(username, password):
    if username in users:
            return "User already exits."
    users[username] = password
    return "Registered Successfully."        

def login(username, password):
    if username not in users:
            return "Wrong pin/password"
    if password != users[username]:
            return "Wrong pin/password"
    if username == "admin":
            return "The FLAG is what you entered in the \"Pin\" field to get here!"
    return "You must login as admin to get the flag"

def handle_command(command):
    if command not in ["REG", "LOGIN"]:
            return "Invalid Command!"
    print "Username:",
    sys.stdout.flush()
    username = raw_input()

    try:
            print "Pin ([0-9]+):",
            sys.stdout.flush()
            password = input() # we only support numbers in password

    except:
            return "Please enter a valid password. Pin can only contain digits."        
    if command == 'REG':
            return register(username, password)
    if command == 'LOGIN':
            return login(username, password)

if __name__=="__main__":
    print "Hey welcome to the admin panel"                
    print "Commands: REG, LOGIN"
    try:
            print ">",
            sys.stdout.flush()
            command = raw_input()
            print handle_command(command)
            sys.stdout.flush()
    except:
            pass

The code is all right but the only thing is to bypass the input check There is a bug that is to be identified

Improve this question

2 Answers 2

Reset to default
1

If you want to check whether the input from user only has numbers, then you can use the method - str.isnumeric() , to check whether the string only contains numbers.

Example -

>>> "123".isnumeric()
True
>>> "123.21".isnumeric()
False
>>> "abcd".isnumeric()
False

You can do this check instead of a try/except block (since you do not really use the password as a number after this block).

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

the problem is that with the given code i have to compare a string
Compare a string to what/
yes, if you want to check if the string is only containing numbers, then use the above check.
0

To ensure the user enters a number, you could convert the script to use a function as follows:

def get_input_number(prompt):
    while True:
        try:
            user_num = int(raw_input(prompt))
            return user_num
        except ValueError:
            print "Please enter a valid password. Pin can only contain digits."

password = get_input_number("Pin ([0-9]+): ")

This would then keep prompting until a number is entered.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.