use strict;
    use warnings;

##</code><code>##

    use CGI::Carp qw{ fatalsToBrowser };

##</code><code>##

    use warnings FATAL => "all";

##</code><code>##

    Use of unitialized value in numeric eq (==) at login.cgi line 50.

##</code><code>##

    if($ref->{'counted'} == 1){

##</code><code>##

    my $dbh = connectDB();
    my $sth = $dbh->prepare("SELECT count(id) as counted FROM perl_users WHERE `username` = ? AND `password` = ?");

    $sth->execute($uname, $pass_hash);

    my $ref = $sth->fetchrow_hashref();

##</code><code>##

    sub debug {
        my ($msg) = @_;
        my $lnum = (caller)[2];

        print qq{<pre><b>Debug [line $lnum]</b>: &nbsp; $msg</pre>};
    }

##</code><code>##

    if($q->request_method eq "POST"){
        debug("Yes, the request method WAS 'POST'");

##</code><code>##

    my $uname = $q->param('uname');
    my $pass  = $q->param('pass');
    debug("Passed values were: Uname=$uname Pass=$pass");

##</code><code>##

    #!/usr/bin/perl

    print "Content-type: text/html\n\n";
    require 'learn/db_connect.pl';

    use CGI;
    use CGI::Session qw();
    use CGI::Carp qw{ fatalsToBrowser };
    use DBI;

    use strict;
    # use warnings;        # Put this back in when done with FATAL => "all"
    use warnings FATAL => "all";

    my $username;
    my $user_id;

    use File::Basename;
    my $prog = 'profile.cgi';

    use Digest::SHA qw(hmac_sha512_hex);
    my $q   = new CGI;
    my $cgi = new CGI;

    my $meth = $q->request_method;

    sub debug {
        my ($msg) = @_;
        my $lnum = (caller)[2];

        print qq{<pre><b>Debug [line $lnum]</b>: &nbsp; $msg</pre>};
    }

    # If it's NOT POST, go back to index.pl
    if($q->request_method ne "POST"){
        print "<script>window.location.href = 'index.pl';</script>";
        exit;
    }

    # Get parameters
    my $uname = $q->param('uname');
    my $pass  = $q->param('pass');
    debug("Passed values were: Uname=$uname Pass=$pass");

    # A better way to write if (!defined($uname) or $uname eq "") { ... }
    # is if (!($uname || "")) { ... }
    ##
    if (!($uname || "")) {
        my $err = qq{error=please fill all fields};
        print "<script>window.location.href = 'index.pl?$error';</script>";
        exit;
    }

    my $pass_hash = hmac_sha512_hex($pass);
    my $dbh = connectDB();
    my $sql = qq{
        SELECT count(id) as counted FROM perl_users
         WHERE `username` = ? AND `password` = ?
    };

    $sth->execute($uname, $pass_hash);
    my $ref = $sth->fetchrow_hashref();

    if ($ref->{'counted'} != 1) {
        my $err = qq{error=Invalid Username Or Password.};
        print "<script>window.location.href = 'index.pl?$error';</script>";
        exit;
    }


    # Successful up to this point -- note the lack of hard-to-read,
    # multiply nested if ... else .. else ... else clauses.
    ##
    $sql = qq{
        SELECT * FROM perl_users WHERE `username` = ? AND `password` = ?
    };
    my $sql001 = $dbh->prepare($sql);
    $sql001->execute($uname, $pass_hash);

    my $result = $sql001->fetchrow_hashref();

    $user_id  = $result->{'id'};
    $username = $result->{'username'};

    my $s = CGI::Session->new;
    $s->param("user_id" => $user_id);
    my $id = $s->id;

    print "<script>window.location.href = 'profile.pl?token=$id';</script>";