use strict;

my %passwd;
while (<DATA>) {
   my ($id,$email,$user,$passwd) = split;
   $passwd{$user} = {
      id     => $id,
      email  => $email,
      passwd => $passwd,
   };
}

my @other_array = @ARGV[0,1];

my $user = $passwd{$other_array[0]} || die "bad user";
die "bad password" unless $other_array[1] eq $user->{passwd};

__DATA__
1028804576 nasa@dodo.com.au name password
1028804590 nasa@dodo.com.au name2 pass2
1028804598 who@where.com again anouther
[download]

use strict;
use DBI;

my $dbh = DBI->connect(
   "DBI:CSV:f_dir=.;csv_eol=\n;csv_sep_char= ;",
   {RaiseError=>1},
);

$dbh->{csv_tables}->{'users'} = { 
   file      => 'users.csv',
   col_names => [qw(id email user passwd)],
};

my $user = shift;
my $pass = shift;

my $sth = $dbh->prepare("
   select id,email,user,passwd 
   from users
   where user = ?
   and passwd = ?
");
$sth->execute($user,$pass);

my $valid = $sth->fetchrow_hashref;
die "bad user/pass" unless $valid;

my $id    = $valid->{id};
my $email = $valid->{email};
[download]

jeffa

L-LL-L--L-LL-L--L-LL-L--
-R--R-RR-R--R-RR-R--R-RR
B--B--B--B--B--B--B--B--
H---H---H---H---H---H---
(the triplet paradiddle with high-hat)

What you are describing now looks like something fairly different from what you seemed to be describing before. I'm not even sure if this can be answered without resorting to crystal balls... I'll assume that you want to check if two values you enter in a form appear as two of the fields on the same line of your data file (name and password).

To do this, process the lines one by one, checking the two fields against the values that were entered. If they match, set a flag and break out of the loop. After the loop, check the flag to see if the input was "correct":

my $found = 0;
for (@lines) {
    my (undef, undef, $theName, $thePass) = split;
    if ($theName eq $name && $thePass eq $pass) {
        $found++ and last;
    }
}

# check for value of $found, etc, etc
[download]

— Arien

Your description is still not very clear?

• Of course the two form entries can end up $hit and $strike

Why "Of course"?

You talk about $hit and $strike and then go on to use them as if they are arrays with if (/$hit[0]/ || /$strike[1]/) {?

You also fail to mention what $hit and $strike actually represent?

Making a lot of assumptions about what your code is trying to do:

Assuming one of these vars is contains an userid, and the other the associated password, and that the code's intent is to check the password for the given userid, your method is fundementally flawed.

You appear to be looping through array and checking if either appears anywhere in the file!

This means that only one of the two has to be somewhere in the array and your $flag will be set true.

In other words, I would only have to guess any userid or any password to pass your test!! Not good.

Update:Example code withdrawn.

All of that said, you really need to think about way you are implementing this as it is full of holes as far as a security mechanism is concerned.

I strongly urge you to read perlsec and find out about the -T switch.

In other words, I would only have to guess any userid or any password to pass your test!! Not good.

Your code doesn't improve on that. ;)

— Arien

Edit: Just to clarify, guessing any character anywhere will do. And let's not even talk about passing something like a dot in when not using quotemeta.

The first problem with your code, and the reason it always comes back with "Found it. ", it this line:

 
          if (/$hit[0]/ || /$strike[1]/) {
[download]

Here you are asking if either $hit[0] or $strike[1] is found within this line. Which means that it only needs for one of these to appear anywhere in the file, and "Found it." will be printed. In order to check that both exist in the same line you would need to do something like:

 
     if (/$hit[0] && /$strike[1]/) {
[download]

However, that's still not good enough because ( I'm going to use $userid instead of $hit[0] and $password instead of $strike[1] ).

Let's say $userid = 'fred' and $password = 'mother' and the associated email_id is fred@yahoo.com, when the line of your array containing:

 
     1028804576 fred@yahoo.com fred mother
[download]

is checked, then if ( /$userid/ && /$password/) { will match and your on your way, but what happens if a line earlier in your file contained

 
     1028804571 mum@yahoo mother fred    # This would also match, and 
+would be found earlier
#                        ^^^^^^ ^^^^
     1028804572 wilfred@hotmail wilf mother    # This would also match
+ and be found earlier
#                 ^^^^              ^^^^^^
[download]

So, the next step is to make sure that a) they both appear in the right order and b) they are at the end of the line, something like this:

 
     if ( /$userid[ \t]+$password$/ ) { 
     # [ \t]+ means one or more spaces or tabs ($/) means at the end o
+f the line.
[download]

This is better, but now think about what happens if some nasty user fills in ".*" for $userid and $password?

This means that the regex /$userid[ \t]+$password$/ will become /.*[ \t]+.*$/, which will match any line that has a space or a tab in it! Again, not what you want at all.

The way to avoid this is to use the quotemeta function or the \Q\E metaquote pairings see perlman:perlre.

 
     $userid = quotemeta $userid;
     $password = quotemeta $password;
     if ( /$userid[ \t]+$password$/ ) {
[download]

or just

     if ( /\Q$userid\E[ \t]+\Q$password$\E/ ) {
[download]

So, a version of your code with the minimum changes to make it work would look something like

Updated again to cover the hole Arien points out below!

 
#! perl -w

 my $flag = 0;
 for (@raw_data) {
     if ( defined $hit[0] and $hit[0]         # has a value that is no
+n-null
       and  defined $strike[1] and $strike[1]      # ditto
       and /\Q$hit[0]\E[ \t]+\Q$strike[1]\E$/) {
         print "Found it.";
         $flag = 1;
         last;
     }
 }
 if (! $flag) { # didn't find it in the array
     print "didnt find it";
 }
[download]

That said, reading your database into a hash as described in jeffa's and other answers is almost certainly a better way of doing what you want to do, and my earlier advice about reading perlman:perlsec and using the -T switch still stands.

Finally, it would be a good idea to read Writeup Formatting Tips before you post another question to save the editors from having to reformat your posts to make them readable.

I'm sorry, but this still isn't good enough:

if (/\Q$hit[0]\E[ \t]+\Q$strike[1]\E$/) {

Now you just need a valid password, as long as you leave the username ($hit[0]) empty.

— Arien