Re: validating username and password in db???
hi nick,
actually as i said, when i'm typing the username and password (which i verified is correct) i'm being shown "Username or Password Incorrect!" which should not be the case. Instead i shud get a "Thank You" message. A couple of guys told me to include a code to md5 the password i'm entering in the textbox, and then match it with the encrypted password (which also has to be fetched using some particular code). Only then i'll be able to authenticate.
And i dont have access to MYsql client on a terminal window. i can access it through a web interface. I can see the table structure there which shows the passwords as encrypted. And i'm not getting any error.
My code looks as follows --
#!/usr/bin/perl
use CGI;
use CGI::Carp qw/fatalsToBrowser warningsToBrowser/;
use DBI;
my $query = new CGI;
print $query->header();
warningsToBrowser(1); # this should be put after printing the header;
#print $query->start_html(-title=>'LOGIN PAGE');
$db="database";
$host="host";
$user="user";
$password=pwd;
if(($query->request_method() eq "POST") && ($query->param("user") ne '') && ($query->param("password") ne ''))
{
$chkuser=$query->param("user");
$chkpassword=$query->param("password");
$dbh = DBI->connect("DBI:mysql:database=$db:host=$host", $user, $password) or die "Can't connect to database:$DBI::errstr\n";
$qry = $dbh->prepare("SELECT emp_name, password FROM new_user where emp_name=$chkuser");
$qry->execute;
@row=$qry->fetchrow_array;
$name=$row[0];
$password=$row[1];
if ($chkuser eq $name && $chkpassword eq $password)
{
print "<p> Thank You!<p>";
$dbh->disconnect;
print $query->end_html();
}
else
{
print "<HEAD> Username or Password Incorrect!</HEAD>";
print "<a href='login_main.pl'>Please Try Again</a>";
$dbh->disconnect;
print $query->end_html();
}
}
else
{
#print "Content-type: text/html\n\n";
#print <<EOF;
print "<HTML>";
print "<BODY>";
print "<FORM METHOD='POST' ACTION='login_main.pl'>";
print "<p>Username:</p>";
print "<input type='text' name='user'><br>";
print "<p>Password:</p>";
print "<input type='password' name='password'><br>";
print "<input type='submit' value='submit'><br>";
print "</FORM>";
print "</BODY>";
print "</HTML>";
#EOF
#print $query->end_html();
}
If you could help me out of this one..it would be great
Thank You
Subject
Written By
Posted
Re: validating username and password in db???
April 30, 2005 01:17AM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.