Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?

Re: DBI & MySQL Login Test

by astroboy (Chaplain)
on Aug 25, 2009 at 04:03 UTC ( #790973=note: print w/ replies, xml ) Need Help??

in reply to DBI & MySQL Login Test

If you're checking logins against a user table, you could count the number of rows that match your u/p combination

my $sql = q{ select count(*) from app_users where username = ? and password = ? }; if (($dbh->selectcol_arrayref($sql, undef, $username, $password)->[0] +== 1) { # We've logged in } else { # login error }

Of course, you probably shouldn't store your passwords in plain text. Assuming you've got some sort of one way encryption going on (using Perl's crypt, or a MD5 or SHA module), you could simply replace the test with

if (($dbh->selectcol_arrayref($sql, undef, $username, my_crypt_call($p +assword))->[0] == 1)

By the way, don't interpolate variables in your SQL, or you'll make your login susceptible to a SQL injection attack. Always use placeholders

Update: corrected syntax

Comment on Re: DBI & MySQL Login Test
Select or Download Code

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://790973]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (6)
As of 2015-11-26 01:29 GMT
Find Nodes?
    Voting Booth?

    What would be the most significant thing to happen if a rope (or wire) tied the Earth and the Moon together?

    Results (695 votes), past polls