#!/Perl/bin/perl -w
use Digest::MD5 qw/md5_base64/;
use CGI::Carp qw/fatalsToBrowser/;
use CGI qw/:standard/;
use DBI;
use strict;

print "Content-type:text/html\n\n";

my %info;
my $driver = "mysql";
my $database = "amy";
my $dsn = "DBI:$driver:database=$database;host=localhost";
my $dbh = DBI->connect($dsn) or die "Couldnt connect: $DBI::errstr\n";
my $username = param('username');
my $password = md5_base64(param('password')) if param('password');

if(!$username){
 relogin("Enter your username");
}elsif(!$password){
 relogin("Enter your password");
}

my $sth = $dbh->prepare("SELECT * FROM info WHERE pword='$password'");
$sth->execute() or die "Couldnt do it: $!\n";
while(my $ref = $sth->fetchrow_hashref){
%info = %{$ref};
}
$sth->finish();
$dbh->disconnect();

if($username ne $info{'uname'}){
 relogin("Invalid Username");
}
if($password ne $info{'pword'}){
 relogin("Invalid Password");
}

print $info{'loan'};

sub relogin{
my $msg = shift;
print <<HtmlCode;
<html>
<head>
<title>Login</title>
</head>
<body>
<center>
<form action="/cgi-bin/amysloan.cgi" method="post">
<table border="0">
 <tr>
  <td colspan="2"><center>$msg</center></td>
 </tr>
 <tr>
  <td>Login:</td>
  <td><input name="username" size="10" value="$username"></td>
 </tr>
 <tr>
  <td>Password:</td>
  <td><input type="password" name="password" size="10"></td>
 </tr>
 <tr>
  <td colspan="2"><center><input type="submit" value="login"></center></td>
 </tr>
</table>
</form>
</center>
</body>
</html>
HtmlCode
exit;
}