Hi,
I can't seem to get my login script to work properly. The user name and password are referenced against a mysql database. If the credentials are correct the user gets forwarded to another page. If not, a error message is displayed.
Verifying the username works fine, but verifying the password does not. Attached is the code. Any help would be much appreciated.
Thanks.
if ($ENV{REQUEST_METHOD} eq "GET")
{
&header();
&dsp();
}
else
{
&header();
&verify_form();
&logged_in();
}
#Print Header
sub header {
$cgi_object=new CGI;
print $cgi_object->header('text/html');
}
#Verify Form
sub verify_form {
$missing = 0;
### Get form values ###
foreach ($cgi_object->param())
{
$form{$_} = $cgi_object->param($_);
$uname = $form{user_name};
$pword = $form{pass_word};
if ($form{$_} eq "")
{
$missing = 1;
$error="Incorrect Username and/or Password";
}
$select = qq~select user,pass from users where user = '$uname'
+~;
$dbh=DBI->connect($connectionInfo,$user,$passwd);
$sth=$dbh->prepare($select);
$sth->execute();
if (@row = $sth->fetchrow_array())
{
if ($row[1] ne $pword)
{
$error="Incorrect Password";
$missing = 1;
}
}
}
if ($missing == 1)
{
&dsp();
exit;
}
}