Perl-Sensitive Sunglasses | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
A few things. Is it fair to say that your desired logic is "if the username and password match, go to the new page, otherwise generate an error"?
If so, you can simply write: You seem to be mixing up eq and == in your hash tests. I would guess you want to treat the hashed password as a string, so you should use eq and ne. If you find yourself legitimately writing a long if/elsif cascade, it's generally a good idea to put an 'else' clause on the end, to catch any unexpected situations. If you don't think it can ever happen, feel free to make the contents die "horribly" or something, but if you have 4 or 5 tests, it's a fair bet you may have missed one. Lastly, your SQL query is going to guarantee that $username eq $row[1] is true, as long as some data is returned. Presumably you want to go to your error page if the number of rows returned is zero. You probably also want to have an error condition (perhaps a different one) if you get more than one row back from that query. So (assuming your error routine doesn't return): Lastly, in case you actually have different error cases in your different branches above, I'd counsel you not to do that. If someone can get a different error depending on whether they pass in a bad username or a bad password, that allows them to guess usernames. That weakens your security. In reply to Re: elsif loop
by jbert
|
|