CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Perl Programming Help: DBI: Re: [hwnd] Is there a better way to write this to check login information?: Edit Log



FishMonger
Veteran / Moderator

Apr 1, 2011, 9:29 AM


Views: 16549
Re: [hwnd] Is there a better way to write this to check login information?

This is a rough example. In actual production code I'd have more checks and balances.


Code
#!/usr/bin/perl -T 

use strict;
use warnings FATAL => 'all';
use DBI;
use CGI;
use CGI::Carp qw( fatalsToBrowser );

my $cgi = CGI->new;

print $cgi->header,
$cgi->start_html('Site Login');

display_login_form() and exit unless $cgi->param('login');

my $authorized = authenticate($cgi->param('user'), $cgi->param('pass'));

if ( $authorized ) {
print "good login\n";
}
else {
print "bad login\n";
}

# *****************************************

sub display_login_form {
# code that generates the login form
}

sub authenticate {

my $user = shift;
my $pass = shift;

return 0 unless $user && $pass;

my $dbh = DBI->connect("DBI:mysql:hwnd_news:localhost", "hwnd_hwnd", "b71lnk")
or die $DBI::errstr;

my $sth = $dbh->prepare(
"SELECT id, name, pass from news_users
WHERE name = ? AND pass = ?
LIMIT 1"
);
$sth->execute($user, $pass);

my ( $id, $name, $pw ) = $sth->fetchrow_array();
$dbh->disconnect;

return ($name eq $user and $pw eq $pass) ? 1 : 0;
}



(This post was edited by FishMonger on Apr 1, 2011, 9:29 AM)


Edit Log:
Post edited by FishMonger (Veteran) on Apr 1, 2011, 9:29 AM


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives