Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change

Re: DBI & MySQL Login Test

by astroboy (Chaplain)
on Aug 25, 2009 at 04:03 UTC ( #790973=note: print w/replies, xml ) Need Help??

in reply to DBI & MySQL Login Test

If you're checking logins against a user table, you could count the number of rows that match your u/p combination

my $sql = q{ select count(*) from app_users where username = ? and password = ? }; if (($dbh->selectcol_arrayref($sql, undef, $username, $password)->[0] +== 1) { # We've logged in } else { # login error }

Of course, you probably shouldn't store your passwords in plain text. Assuming you've got some sort of one way encryption going on (using Perl's crypt, or a MD5 or SHA module), you could simply replace the test with

if (($dbh->selectcol_arrayref($sql, undef, $username, my_crypt_call($p +assword))->[0] == 1)

By the way, don't interpolate variables in your SQL, or you'll make your login susceptible to a SQL injection attack. Always use placeholders

Update: corrected syntax

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://790973]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (10)
As of 2018-06-22 18:00 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (124 votes). Check out past polls.