467,912 Members | 1,588 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 467,912 developers. It's quick & easy.

perl mysql login using apache

hi

i am a student and am doing this for one of my assignments

i am trying to create a login using perl and mysql database.i was succesful in doing that

now i want to use cookies for authorisation

how can i do this

my perl login script is as follows

#!/usr/bin/perl -wT
use CGI qw(:standard);
use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
#use lib '.';
use DBI;
#use strict;

print header;


print "<html><head>\n";
print "<title>User Added Successfully</title>\n";
print '<table><img src="../flag.GIF" width="100%" height="167"></table>';
print '<table width="100%" border="0">
<tr bgcolor="#999999">
<td> View All Jobs<img src="../blank.gif" width="50" height="1">Search
Job<img src="../blank.gif" width="50" height="8">Add
a Job<img src="../blank.gif" width="50" height="1">Guest
Book<img src="../blank.gif" width="50" height="1">Employer
Login<img src="../blank.gif" width="50" height="8">About
Us<img src="../blank.gif" width="50" height="1">Contact
Us</td>
</tr>
</table>';

my $dbh = DBI->connect( "dbi:mysql:trial", "root", "") ;
my $user = param('username');
my $password = param('password');

my $sth = $dbh->prepare("select * from users where username=?") or &dbdie;
$sth->execute($user) or &dbdie;
my $uinfo = $sth->fetchrow_hashref;
if ($user eq "") {
&dienice("Please enter your Username ");
}

if ($password eq "") {
&dienice("Please enter your Password.");
}

if ($user ne $uinfo->{username}) {
&dienice("The username $user doesnt exist.");
}

# now encrypt the old password and see if it matches what's in the database
if ($uinfo->{password} eq crypt($password,substr($uinfo->{password},0,2)))
{
print "<HTML><META HTTP-EQUIV=Refresh CONTENT='0;URL=http://web15/members/welcome.html'></HTML>\n";
print $user;
exit;
}
else
{
print "wrong password";
}

print end_html;

sub dienice {
my($msg) = @_;
print "<h2>Error</h2>\n";
print $msg;
exit;
}

sub dbdie {
my($package, $filename, $line) = caller;
my($errmsg) = "Database error: $DBI::errstr<br>
called from $package $filename line $line";
&dienice($errmsg);
}

sub encrypt {
my($plain) = @_;
my(@salt) = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/');
return crypt($plain, $salt[int(rand(@salt))] . $salt[int(rand(@salt))]);

sub random_id {
# This routine generates a 32-character random string
# out of letters and numbers.
my $rid = "";
my $alphas = "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLM NOPQRSTUVWXYZ";
my @alphary = split(//, $alphas);
foreach my $i (1..32) {
my $letter = $alphary[int(rand(@alphary))];
$rid .= $letter;
}
return $rid;
}
}
Sep 17 '06 #1
  • viewed: 4893
Share:
3 Replies
I wrote one of my own that accesses a database where the username and passwords are stored as fldUserName and fldPassword. Of course, I dressed up the login page with CSS, but this is just an example snippet. I wrote it when I woke up today after a frustrating night of trying to make other people's code work. I tested it and it works. If you want something done right, do it yourself I say. I did not add the security cookie to it yet, but here it is. The login program looks like this:

#!/usr/bin/perl -wT
use CGI qw(:standard);
use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
use strict;

print "Content-type: text/html\n\n";
print <<BodyHTML;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Registration Form</title>
</head>

<body>
<form name = "login" action = "logincheck.cgi" method = "POST">
<table>
<tr>
<td>
User Name<br />(25 characters or less)
</td>
<td>
Password<br />(8 - 15 alphanumeric characters)
</td>
</tr>
<tr>
<td><input type = "text" name = "UserName" id = "UserName" size = "25" maxlength = "25" tabindex = "0" />
</td>
<td><input type = "text" name = "Password" id = "Password" size = "15" maxlength = "15" tabindex = "1" />
</tr>
<tr>
<td>
<input type = "submit" value = "Login" tabindex = "2" />
</td>
</tr>
<tr>
<td>
<p>To register go to the <a href = "register.cgi">registration</a> page.</p>
</td>
</tr>
</table>
</form>
BodyHTML
print end_html;



The logincheck.cgi file looks like this:

#!/usr/bin/perl -wT
use CGI qw(:standard);
use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
use DBI;
use strict;

print "Content-type: text/html\n\n";

print <<BodyHTML;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Registration Redirection</title>
</head>
BodyHTML

my $dbh = DBI->connect("DBI:mysql:database:localhost","database_ username","database_password", { RaiseError => 1,
AutoCommit => 1 }) or &dienice("Can't connect to database: $DBI::errstr");

my $UserName=param('UserName');
my $Password=param('Password');
my $sth = $dbh->prepare("select * from tblCustomers where fldUserName = ?") or &dbdie;
$sth->execute($UserName) or &dbdie;
my $row = $sth->fetchrow_hashref;
if ($UserName ne $row->{fldUserName}) { &dienice(qq(Username does not exist. Go to the <a href =
"custreg.cgi">registration</a> page to register.)); }
if ($Password ne $row->{fldPassword}) {
&dienice (qq(The password is invalid. Go to the <a href = "passreset.cgi">password reset</a> page to reset your password.)); }
if ($Password eq $row->{fldPassword})
{ print redirect(- location=>"index.cgi"); }
$dbh->disconnect;
print end_html;

sub dienice {
my ($msg) = @_;
print "<h1>$msg</h1>";
exit;
}

sub dbdie {
my ($errmsg) = "$DBI::errstr<br />";
&dienice($errmsg);
}
Feb 7 '07 #2
KevinADC
Expert 2GB
September 17th, 2006

but maybe he still needs to turn in that school assignment ;)
Feb 7 '07 #3
LOL...I found his post while working on my own school assignment. I thought I'd just reply for the record, since I had such a hard time getting to the bottom of the correct code last night.
Feb 7 '07 #4

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

58 posts views Thread by @ | last post: by
4 posts views Thread by Keith | last post: by
reply views Thread by mdh | last post: by
1 post views Thread by daniel kaplan | last post: by
6 posts views Thread by Bob Sanderson | last post: by
6 posts views Thread by surfivor | last post: by
reply views Thread by sandy | last post: by
31 posts views Thread by happyse27 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.