Hi Monks,
Firstly, I just want to apologise for what might seems like a pointless post. I am self teaching myself Perl (from a non coding background) and I have nobody to "bounce" ideas, syntax and coding methods off. I see most posts on this site are accompanied by large amounts of code whereas I find myself having the most difficulty with concepts.
Anyhoo, I do have some code I would like critiqued, if possible. It is a small function to hash a password and encrypt it using BlowFishCrypt.
I am unsure if it is actually doing what I think it is (I think its good but not certain). I am trying to take a password, add a random salt and insert into a users table. The dbh function is elsewhere but just connects to the database.
Does this look good? Any comments or advice would be great.
sub add_user {
my $dbh = new_dbh();
my $username = $_[0];
my $password = $_[1];
my $email = "$username\@email.com"; #change when live.
my $ppr = Authen::Passphrase::BlowfishCrypt->new(
cost => 12, salt_random => 1,
passphrase => "$password");
my $hash = $ppr->hash_base64;
my $salt = $ppr->salt_base64;
my $sth = $dbh->prepare('INSERT users (users_id,user_name,password
+,email,lib_id,department_id,
permissions, session_id,salt)
VALUES
("",?,?,?,"1","1","1","",?)
')
or die "Couldn't prepare statement: " . $dbh->errstr;
$sth->execute($username,$hash,$email,$salt) or die "Couldn't execu
+te statement: " . $sth->errstr;
$sth->finish;
$dbh->disconnect;
}