You didn't ask about the password part specifically, although your subject hints at it. If you want to verify the password, the previous resp are right on - you just might want to use Digest::MD5 to build a one-way hash to store your password strings rather than plain-text strings. A lost password would need to get reset rather than recovered but this gives you a more reasonable level of security for a little bit of code. Have to use the same md5 function when building the user/password table.

use Digest::MD5 qw(md5);
# ... assume that $dbh was initialize previously ...
my $query = qq(SELECT count(*) FROM user WHERE username=? AND password
+=?);
my $sth = $dbh->prepare($query);

$sth->execute($user,md5($password));
($rc) = $sth->fetchrow_array;
if( $rc == 1 ) {
 # user and pass matched
} else { 
 # user and pass did not match (rc == 0 ) or 
 # you don't have a unique key for user/pass (rc > 1)
}
[download]