Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: DBI & MySQL Login Test

by astroboy (Chaplain)
on Aug 25, 2009 at 04:03 UTC ( #790973=note: print w/ replies, xml ) Need Help??


in reply to DBI & MySQL Login Test

If you're checking logins against a user table, you could count the number of rows that match your u/p combination

my $sql = q{ select count(*) from app_users where username = ? and password = ? }; if (($dbh->selectcol_arrayref($sql, undef, $username, $password)->[0] +== 1) { # We've logged in } else { # login error }

Of course, you probably shouldn't store your passwords in plain text. Assuming you've got some sort of one way encryption going on (using Perl's crypt, or a MD5 or SHA module), you could simply replace the test with

if (($dbh->selectcol_arrayref($sql, undef, $username, my_crypt_call($p +assword))->[0] == 1)

By the way, don't interpolate variables in your SQL, or you'll make your login susceptible to a SQL injection attack. Always use placeholders

Update: corrected syntax


Comment on Re: DBI & MySQL Login Test
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://790973]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (10)
As of 2014-10-20 08:14 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (73 votes), past polls