1. We have moved from vBulletin to XenForo and you are viewing the site in the middle of the move. Though the functional aspect of everything is working fine, we are still working on other changes including the new design on Xenforo.
    Dismiss Notice

login page

Discussion in 'Perl' started by eanair, Dec 9, 2006.

  1. eanair

    eanair New Member

    Hi i am writing a log on page for a web application. What i want it to do is take a user name and password as input pass these to a cgi file using the 'post' method, then using dbi compare the username and passwords to the contents of a mysql table which in which all usernames and passwords are stored.

    I am having a problem recieving the username and password, i think my html form is fine, and that the problem is in my cgi file.

    This is the code that i am using to recieve the username and password from the html form

    Code:
    
    $query_string = $ENV{'QUERY_STRING'}; $first = split(/&/, $query_string); ($u_name, $pass) = split(/=/, $first);
    
    Another area where there might be a problem is my select statement

    Code:
    
    $sth = $dbh->prepare(q{SELECT table1.name, table1.address, usertable.password from table1, usertable where table1.name = usertable.user_name and user.user_name = ?}); $sth->execute($u_name);
    
    The desired output here is the name, address and password of the user with the username passed in by the form.

    I am not sure if the "?" is right in the select statement? I am also unsure about the value $u_name in the brackets, when i enter a sample username in the place of the "?" in the select statement, the result will not print out unless i remove the $u_name from the brackets in the line below.

    I would appreciate any help or suggestions, as i have spent many hours working on this and have run out of ideas

    Thanks
     
  2. pradeep

    pradeep Team Leader

    Firstly, its a bad practice to send username password in the querystring.
    Secondly, you can use the CGI module to get form data.
    Checkout the example below

    Code:
    #!/usr/bin/perl
    
    use CGI;
    
    if($ENV{REQUEST_METHOD} eq 'POST')
    {
    	$q = new CGI;
    	
    	$username = $q->param('username');
    	$password = $q->param('password');
    
    	#do the rest of your checking here
    }
    else
    {
    	# show ur form
    }
     
  3. eanair

    eanair New Member

    Thanks for the help.

    Can anybody recommend a good perl /dbi tutorial i am new to all this and not to sure about the best ways to go about it. Thanks
     
  4. pradeep

    pradeep Team Leader

    The CPAN would be of the best help to you know about the DBI module, just visit http://cpantools.com and try it out yourself, and in case you are stuck you know where to get help ;-)
     
  5. eanair

    eanair New Member

    Thanks for the help. I have come accross one more perl issue. How do i check if a variable is empty.
    I have tried
    Code:
    if($variable eq ""){
     #do something
    }
    
    and
    Code:
    if(not(defined ($variable))){
     #do something
    }
    
    and finally
    Code:
    if(undef $variable ){
     #do something
    }
    
    but none seem to work, what is the correct way of doing this? Thanks
     
  6. eanair

    eanair New Member

    I got it working, it was justs a bracket out of line!
     
  7. pradeep

    pradeep Team Leader

    LOL! All the best.
    Try an post different query/problems in different threads.
     

Share This Page