LMPX.COM |
Home | Linux | Mysql | PHP | XML | ||
|
|
|||
From: Robert Roggenbuck Date: Fri Jan 8 13:03:07 2010 Subject: Re: Need help with a login script
At first assure that the correct values come from the database (see below). May be that's enough... Greetings Robert Adam Jimerson schrieb: [snip] > if (param) { > form_verify (@user); > print "Username: $user[0]\n<br />Password: $user[1]<br />\n"; #use for debugging > my $sth = $dbh->prepare("SELECT * FROM Users WHERE 'UserName' = '$user > [0]' AND 'Password' = '$user[1]'"); #check that username and password exist and match Better to replace '*' with the field name You need, do not quote field names, use placeholders and include only UserName in the WHERE-clause: "SELECT Password FROM Users WHERE UserName = ?" > $sth->execute(); Then the execute() must look like: $sth->execute($user[0]); > my @Login = $sth->fetchrow_array(); Now better say: my ($pw) = $sth->fetchrow_array(); > $sth->finish(); > if (($Login[2] eq "$user[0]") && ($Login[3] eq "$user[1]")) { Just: if ($pw eq "$user[1]") { > print "<p>Hello $user[0]!</p>\n"; #debugging use only, will add on > later > } else { > print "<p>Login Failed!</p>\n"; > print "Username: $user[0]\n<br />Password: $user[1]\n"; #use for > debugging > } > } else { > print start_form; > print_form(); > print end_form, "\n"; > } > [snip]
| Navigate in group perl.beginners.cgi at sever nntp.perl.org | |
| Previous | Next |
| © No Copyright You are free to use Anything |
Site Maintained by Zareef Ahmed
Powered By PHP Consultants |