Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

Re: problem with login script

by ig (Vicar)
on Oct 28, 2013 at 18:13 UTC ( #1060029=note: print w/replies, xml ) Need Help??

in reply to problem with login script

It will be easier for you to find the error if you can see the SQL that your program attempts to run. There are many ways to do this. One is to use the RaiseError option of DBI to "force errors to raise exceptions rather than simply return error codes in the normal way", then use eval to catch the exception and display the SQL and parameters. Something like the following:

#!C:/Perl64/bin/perl.exe use strict; use warnings; use DBI; use CGI; my $cgi = new CGI; ##Create table using cgi $dbh = DBI->connect( "dbi:mysql:TestDB", 'root','zulfi12345', { RaiseError => 1, } ) or die "Unable to connect: $DBI::errstr\n"; my $username = $cgi->param( 'username' ) || ''; my $password = $cgi->param ('password') || ''; my $submit = $cgi->param( 'submit' ) || ''; my $sth = $dbh->prepare(" SELECT username, password FROM users WHERE username = ? and password = ? "); my @values = ($username, $password); eval { $sth->execute(@values); }; if($@) { die "Execution of\n" . $sth->{Statement} . "\n" . "with: @values\n" . "failed with: $@\n "; } my $found=0; while(my $row = $sth->fetchrow_hashref) { $found=1; } if ($found==1) { print "Welcome"; }

I have made a few other changes here that you might consider for your own code:

I added use strict; and use warnings;. These are not relevant to your immediate problem but I use them generally and suggest you do too. You can read more about them at Use strict and warnings and elsewhere.

Because I added use strict;, I also added my to declare variables as lexically scoped. There are other ways to conform to the "strict" constraints, but this is an easy one to get started that usually does what I want (and probably you too) and you can learn and use the others as need arises.

I have used Placeholders and Bind Values in the SQL statement. This avoids the need to escape 'special' characters in the values in your SQL. This helps to avoid 'SQL injection', which you should learn about.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1060029]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (5)
As of 2020-09-24 12:42 GMT
Find Nodes?
    Voting Booth?
    If at first I donít succeed, I Ö

    Results (133 votes). Check out past polls.