MySQL Forums
Forum List  »  Perl

Re: validating username and password in db???
Posted by: Naveen Gupta
Date: April 30, 2005 01:17AM

hi nick,
actually as i said, when i'm typing the username and password (which i verified is correct) i'm being shown "Username or Password Incorrect!" which should not be the case. Instead i shud get a "Thank You" message. A couple of guys told me to include a code to md5 the password i'm entering in the textbox, and then match it with the encrypted password (which also has to be fetched using some particular code). Only then i'll be able to authenticate.
And i dont have access to MYsql client on a terminal window. i can access it through a web interface. I can see the table structure there which shows the passwords as encrypted. And i'm not getting any error.
My code looks as follows --

#!/usr/bin/perl

use CGI;
use CGI::Carp qw/fatalsToBrowser warningsToBrowser/;
use DBI;

my $query = new CGI;
print $query->header();
warningsToBrowser(1); # this should be put after printing the header;
#print $query->start_html(-title=>'LOGIN PAGE');

$db="database";
$host="host";
$user="user";
$password=pwd;

if(($query->request_method() eq "POST") && ($query->param("user") ne '') && ($query->param("password") ne ''))
{

$chkuser=$query->param("user");
$chkpassword=$query->param("password");

$dbh = DBI->connect("DBI:mysql:database=$db:host=$host", $user, $password) or die "Can't connect to database:$DBI::errstr\n";
$qry = $dbh->prepare("SELECT emp_name, password FROM new_user where emp_name=$chkuser");
$qry->execute;

@row=$qry->fetchrow_array;

$name=$row[0];
$password=$row[1];

if ($chkuser eq $name && $chkpassword eq $password)
{
print "<p> Thank You!<p>";
$dbh->disconnect;
print $query->end_html();
}
else
{
print "<HEAD> Username or Password Incorrect!</HEAD>";
print "<a href='login_main.pl'>Please Try Again</a>";

$dbh->disconnect;
print $query->end_html();
}
}
else
{
#print "Content-type: text/html\n\n";

#print <<EOF;
print "<HTML>";
print "<BODY>";
print "<FORM METHOD='POST' ACTION='login_main.pl'>";

print "<p>Username:</p>";
print "<input type='text' name='user'><br>";

print "<p>Password:</p>";
print "<input type='password' name='password'><br>";
print "<input type='submit' value='submit'><br>";
print "</FORM>";
print "</BODY>";
print "</HTML>";
#EOF
#print $query->end_html();
}

If you could help me out of this one..it would be great
Thank You

Options: ReplyQuote


Subject
Written By
Posted
Re: validating username and password in db???
April 30, 2005 01:17AM
May 02, 2005 01:16AM
May 02, 2005 02:19AM
May 02, 2005 04:08AM
May 02, 2005 06:08AM
May 02, 2005 06:19AM
May 02, 2005 06:36AM
May 02, 2005 07:25AM
May 02, 2005 11:49PM
May 03, 2005 03:58PM
May 04, 2005 04:55AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.