Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling

Re: DBI & MySQL Login Test

by astroboy (Chaplain)
on Aug 25, 2009 at 04:03 UTC ( #790973=note: print w/replies, xml ) Need Help??

in reply to DBI & MySQL Login Test

If you're checking logins against a user table, you could count the number of rows that match your u/p combination

my $sql = q{ select count(*) from app_users where username = ? and password = ? }; if (($dbh->selectcol_arrayref($sql, undef, $username, $password)->[0] +== 1) { # We've logged in } else { # login error }

Of course, you probably shouldn't store your passwords in plain text. Assuming you've got some sort of one way encryption going on (using Perl's crypt, or a MD5 or SHA module), you could simply replace the test with

if (($dbh->selectcol_arrayref($sql, undef, $username, my_crypt_call($p +assword))->[0] == 1)

By the way, don't interpolate variables in your SQL, or you'll make your login susceptible to a SQL injection attack. Always use placeholders

Update: corrected syntax

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://790973]
[choroba]: csh considered harmful
[erix]: no, I'm using bash :)
[marioroy]: :)
[marioroy]: I use the default and happens to be bash
[erix]: heh, I like the "Resolved" (Christiansen is really funny)
Discipulus is makita a reincarnation of grinder?
[erix]: I probably also need to understand TAP a bit better than I do

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (9)
As of 2017-03-23 08:29 GMT
Find Nodes?
    Voting Booth?
    Should Pluto Get Its Planethood Back?

    Results (285 votes). Check out past polls.