login page

eanair

Hi i am writing a log on page for a web application. What i want it to do is take a user name and password as input pass these to a cgi file using the 'post' method, then using dbi compare the username and passwords to the contents of a mysql table which in which all usernames and passwords are stored.

I am having a problem recieving the username and password, i think my html form is fine, and that the problem is in my cgi file.

This is the code that i am using to recieve the username and password from the html form

Code:

$query_string = $ENV{'QUERY_STRING'}; $first = split(/&/, $query_string); ($u_name, $pass) = split(/=/, $first);

Another area where there might be a problem is my select statement

Code:

$sth = $dbh->prepare(q{SELECT table1.name, table1.address, usertable.password from table1, usertable where table1.name = usertable.user_name and user.user_name = ?}); $sth->execute($u_name);

The desired output here is the name, address and password of the user with the username passed in by the form.

I am not sure if the "?" is right in the select statement? I am also unsure about the value $u_name in the brackets, when i enter a sample username in the place of the "?" in the select statement, the result will not print out unless i remove the $u_name from the brackets in the line below.

I would appreciate any help or suggestions, as i have spent many hours working on this and have run out of ideas

Thanks

pradeep

Firstly, its a bad practice to send username password in the querystring.
Secondly, you can use the CGI module to get form data.
Checkout the example below

Code: Perl

#!/usr/bin/perl

use CGI;

if($ENV{REQUEST_METHOD} eq 'POST')
{
    $q = new CGI;
    
    $username = $q->param('username');
    $password = $q->param('password');

    #do the rest of your checking here
}
else
{
    # show ur form
}

eanair

Thanks for the help.

Can anybody recommend a good perl /dbi tutorial i am new to all this and not to sure about the best ways to go about it. Thanks

pradeep

The CPAN would be of the best help to you know about the DBI module, just visit http://cpantools.com and try it out yourself, and in case you are stuck you know where to get help ;-)

eanair

Thanks for the help. I have come accross one more perl issue. How do i check if a variable is empty.
I have tried

Code:

if($variable eq ""){
 #do something
}

and

Code:

if(not(defined ($variable))){
 #do something
}

and finally

Code:

if(undef $variable ){
 #do something
}

but none seem to work, what is the correct way of doing this? Thanks

eanair

I got it working, it was justs a bracket out of line!

pradeep

LOL! All the best.
Try an post different query/problems in different threads.

eanair Light Poster
9Dec2006,23:39	#1
	Hi i am writing a log on page for a web application. What i want it to do is take a user name and password as input pass these to a cgi file using the 'post' method, then using dbi compare the username and passwords to the contents of a mysql table which in which all usernames and passwords are stored. I am having a problem recieving the username and password, i think my html form is fine, and that the problem is in my cgi file. This is the code that i am using to recieve the username and password from the html form Code: $query_string = $ENV{'QUERY_STRING'}; $first = split(/&/, $query_string); ($u_name, $pass) = split(/=/, $first); Another area where there might be a problem is my select statement Code: $sth = $dbh->prepare(q{SELECT table1.name, table1.address, usertable.password from table1, usertable where table1.name = usertable.user_name and user.user_name = ?}); $sth->execute($u_name); The desired output here is the name, address and password of the user with the username passed in by the form. I am not sure if the "?" is right in the select statement? I am also unsure about the value $u_name in the brackets, when i enter a sample username in the place of the "?" in the select statement, the result will not print out unless i remove the $u_name from the brackets in the line below. I would appreciate any help or suggestions, as i have spent many hours working on this and have run out of ideas Thanks

eanair Light Poster
10Dec2006,17:19	#3
	Thanks for the help. Can anybody recommend a good perl /dbi tutorial i am new to all this and not to sure about the best ways to go about it. Thanks

pradeep Team Leader
10Dec2006,22:02	#4
	The CPAN would be of the best help to you know about the DBI module, just visit http://cpantools.com and try it out yourself, and in case you are stuck you know where to get help ;-)

eanair Light Poster
12Dec2006,05:18	#5
	Thanks for the help. I have come accross one more perl issue. How do i check if a variable is empty. I have tried Code: if($variable eq ""){ #do something } and Code: if(not(defined ($variable))){ #do something } and finally Code: if(undef $variable ){ #do something } but none seem to work, what is the correct way of doing this? Thanks

eanair Light Poster
12Dec2006,05:24	#6
	I got it working, it was justs a bracket out of line!

login page

Already a member?

Not a member yet?

Search Go4Expert

Latest Forum Topics

Find Us On Facebook

Latest Articles

pradeep Team Leader
12Dec2006,12:59	#7
	LOL! All the best. Try an post different query/problems in different threads.

User Name:		Save
Password