473,573 Members | 4,498 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

how to use if condition in perl

3 New Member
i have written program to check whether the username and password entered are members of a company or not.... Im totally new to perl language... so please help me what is wrong with the following program..
thanx in advance...

Expand|Select|Wrap|Line Numbers
  1. #!/usr/bin/perl - w
  2.  
  3. use DBI;
  4. use strict;
  5. use CGI ':standard';
  6.  
  7. my $name = param('name');
  8. my $password = param('password');
  9. my $dbh = DBI->connect('DBI:mysql:test','root','') or die "Can't connect:" . DBI->errstr();
  10. my $sth = $dbh -> prepare('select password from user where name = "$name"') or die "Can't prepare SQL: " . $dbh->errstr();
  11. $sth -> execute() or die "Can't execute SQL: " . $sth -> errstr();
  12.  
  13. my($name1, $password1);
  14. my $flag = 0;
  15.  
  16. while(($password1) = $sth->fetchrow()) 
  17. {
  18. if($password1)    
  19.     print "$password1";
  20. else {
  21.     print "not member\n";
  22.     break;
  23. }
  24. }
  25.  
  26. #if($password1)
  27. #    print "microsoft member";
  28. #else
  29. #    print "not a microsoft member";
  30.  
  31. $sth->finish();
  32. $dbh->disconnect();
Oct 1 '08 #1
10 4911
KevinADC
4,059 Recognized Expert Specialist
one thing is if you use a scalar in a single-quoted string it will not be expanded but treated literally:

Expand|Select|Wrap|Line Numbers
  1. my $sth = $dbh -> prepare('select password from user where name = "$name"')
$name is the above line is literally $name and not whatever value the scalar $name has stored. Try this:

Expand|Select|Wrap|Line Numbers
  1. my $sth = $dbh -> prepare(qq{select password from user where name = "$name"})
There could be other problems with your code, but I did not check it all.
Oct 1 '08 #2
Icecrack
174 Recognized Expert New Member
Please Post in Code Tags,

Also Use for more debug.

Expand|Select|Wrap|Line Numbers
  1. use CGI qw(:standard -debug);
  2. use CGI::Carp qw(fatalsToBrowser);
take out:

Expand|Select|Wrap|Line Numbers
  1. use CGI ':standard';

also i would use the package (Module) Mysql
eg.
Expand|Select|Wrap|Line Numbers
  1. use Mysql;
i may have downloaded this but it makes life easy.

eg.

Expand|Select|Wrap|Line Numbers
  1. use Mysql;
  2.  
  3. $host = "127.0.0.1";
  4. $database = "users_l";
  5. $tablename = "users";
  6. $user = " ";
  7. $pw = " ";
  8.  
  9. $connect = Mysql->connect($host, $database, $user, $pw);
  10. $connect->selectdb($database);
  11. $myquery = "SELECT * FROM users WHERE init='$initc'";
  12. $execute = $connect->query($myquery);
  13.  
  14.  
  15. while (($id, $usern, $cleare, $init) = $execute->fetchrow_array())
  16.     {
  17. #check for user name and password match
  18. #pass a flag 
  19. }
  20.  
  21.  
Oct 1 '08 #3
vapanchamukhi
3 New Member
Please Post in Code Tags,

Also Use for more debug.

Expand|Select|Wrap|Line Numbers
  1. use CGI qw(:standard -debug);
  2. use CGI::Carp qw(fatalsToBrowser);
take out:

Expand|Select|Wrap|Line Numbers
  1. use CGI ':standard';

also i would use the package (Module) Mysql
eg.
Expand|Select|Wrap|Line Numbers
  1. use Mysql;
i may have downloaded this but it makes life easy.

eg.

Expand|Select|Wrap|Line Numbers
  1. use Mysql;
  2.  
  3. $host = "127.0.0.1";
  4. $database = "users_l";
  5. $tablename = "users";
  6. $user = " ";
  7. $pw = " ";
  8.  
  9. $connect = Mysql->connect($host, $database, $user, $pw);
  10. $connect->selectdb($database);
  11. $myquery = "SELECT * FROM users WHERE init='$initc'";
  12. $execute = $connect->query($myquery);
  13.  
  14.  
  15. while (($id, $usern, $cleare, $init) = $execute->fetchrow_array())
  16.     {
  17. #check for user name and password match
  18. #pass a flag 
  19. }
  20.  
  21.  
where you have declared $initc?? what values it contains????
Oct 1 '08 #4
Icecrack
174 Recognized Expert New Member
where you have declared $initc?? what values it contains????
$initc would be a param from form input


Expand|Select|Wrap|Line Numbers
  1. $initc=param('user');


another example:

Expand|Select|Wrap|Line Numbers
  1.  
  2.  
  3. use CGI qw(:standard -debug);
  4. use CGI::Carp qw(fatalsToBrowser);
  5. use Mysql;
  6.  
  7.  
  8. $name=param('name');
  9. $password=param('password');
  10.  
  11.  $host = "127.0.0.1";
  12.  $database = "users_l";
  13.  $tablename = "users";
  14.  $user = " ";
  15.  $pw = " ";
  16.  
  17.  $connect = Mysql->connect($host, $database, $user, $pw);
  18.  $connect->selectdb($database);
  19.  $myquery = "SELECT password FROM user WHERE name='$name'";
  20.  $execute = $connect->query($myquery);
  21.  
  22.  
  23.  while (($sqlpassword) = $execute->fetchrow_array())
  24.      {
  25.  
  26. if ($password eq "$sqlpassword")
  27. {
  28. print "Login Accepted.";
  29. }
  30. elsif ($password ne "$sqlpassword")
  31. {
  32. print "Error Password Incorrect";
  33. }
  34. elsif ($sqlpassword eq undef)
  35. {
  36. print "User Not Found Please Try Again.";
  37. }
  38. }
  39.  

Note: i would also check for perl and SQL cancel characters in the password and user param (never trust your users), as this could lead to unsecure program,

the use of ',;:/.%*)(^%$#@!`~+= try to cancel those characters. (also this will prevent future errors with SQL)
Oct 1 '08 #5
KevinADC
4,059 Recognized Expert Specialist
also i would use the package (Module) Mysql
I am pretty sure that module is considered obsolete, I don't even see it listed on CPAN anymore.

Edit:

I found it:

http://search.cpan.org/~rudy/DBD-mys...OLETE_SOFTWARE
Oct 1 '08 #6
Icecrack
174 Recognized Expert New Member
I am pretty sure that module is considered obsolete, I don't even see it listed on CPAN anymore.

Edit:

I found it:

http://search.cpan.org/~rudy/DBD-mys...OLETE_SOFTWARE
My Bad i didn't read down a little more :P

They must of merged them MS SQL AND MY SQL

yes it's obsolete but still i think its a lot easier and cleaner.
Oct 1 '08 #7
eWish
971 Recognized Expert Contributor
People are also using Rose which is gaining popularity.


--Kevin
Oct 2 '08 #8
eWish
971 Recognized Expert Contributor
the use of ',;:/.%*)(^%$#@!`~+= try to cancel those characters. (also this will prevent future errors with SQL)
When making use of the DBI to connect to your database, you can use placeholders and bind values. Using this method will escape special characters for you. Thus your SQL won't complain.

--Kevin
Oct 2 '08 #9
Icecrack
174 Recognized Expert New Member
When making use of the DBI to connect to your database, you can use placeholders and bind values. Using this method will escape special characters for you. Thus your SQL won't complain.

--Kevin
thanks for the update :)
Oct 2 '08 #10

Sign in to post your reply or Sign up for a free account.

Similar topics

31
4746
by: surfunbear | last post by:
I've read some posts on Perl versus Python and studied a bit of my Python book. I'm a software engineer, familiar with C++ objected oriented development, but have been using Perl because it is great for pattern matching, text processing, and automated testing. Our company is really fixated on risk managnemt and the only way I can do enough...
0
3323
by: jason | last post by:
Hello - looking for an efficient way in perl (been a while) to use a control file to pass or fail strings submitted to a perl program. I have a flat file allow.txt in the following format. It does not have to be in this format, it can be in regex format - and maybe should be. f1 -+f2 -+f3 -+f4 -+f6 ... records in the file may look as...
7
7250
by: jason | last post by:
Pardon the perl noobie post, this one is silly one I'm sure, but nonetheless, I'm stuck on it. why doesn't $_ substitute with the data when the program is passed the string as such. The eventual objective of the program being to test the string against a list of regexes. perl test.pl 'xxxxxxxxxxx test1 xxxxxxxxxxxxxxx' note commented line...
0
9736
by: Kirt Loki Dankmyer | last post by:
So, I download the latest "stable" tar for perl (5.8.7) and try to compile it on the Solaris 8 (SPARC) box that I administrate. I try all sorts of different switches, but I can't get it to compile. I need it to be compiled with threads. Anyone have any wisdom on how best to do this? Here's a transcript of my latest attempt. It's long; you...
2
4032
by: David Sudjiman | last post by:
Hi, I'm using this perl script to get the information from a form and send it through email. The problem is when I do an email address validation. it seems it does not want to match it. For example, i give the real abc@abc.com for mail_from it works. But if I give 123, the web page turns error 500 internal error. Please advice.
4
1889
by: joh12005 | last post by:
Hello, i posted for suggestions a little idea even if it still needs further thoughts but as i'm sure you could help :) if would like to implement some kind of Condition class which i coud use to build bricks of more complex condition, conditions are based on fields by using regexp class Condition:
13
3240
by: Otto J. Makela | last post by:
I'm trying to install to php the Perl-1.0.0.tgz package (from http://pecl.php.net/package/perl, enabling one to call perl libraries) to a pre-existing Solaris system. Unfortunately, the attempt fails in a rather dramatic way, spewing out thousands of "relocation remains"... I'm somewhat lost on what to do next, the documentation that came...
1
5057
by: manishabh77 | last post by:
I will be obliged if anybody can help me with this problem: I am trying to extract data from an excel sheet that matches IDs given in column 4 of the excel sheet.I have stored those query IDs in an array (@names). After I look for the match in this section of the code: if ($value=~/^$names$/), I want to write out only those rows that satisfy the...
2
1934
by: edrichard | last post by:
Hi, I have a file that contains the following... hostMode=Standard displayName=CL1-A-0 nickname=1A-G00 hostMode=Windows Extension displayName=CL1-A-2 nickname=SERVER123_B20_S6_0
0
7741
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
0
7661
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
7977
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
1
7730
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
8026
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
0
6347
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
0
5252
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3692
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
1
1256
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.