This is not easy to do with Class::DBI. You are probably better off not using the MySQL PASSWORD() command and using perl's crypt() to achieve the same results (or even better, us MD5 or SHA1). And a quote from the MySQL docs suggests you shouldn't be using this function anyway:

Note: The PASSWORD() function is used by the authentication system in MySQL Server, you should NOT use it in your own applications

If you want to handle this on the perl side with MD5 or SHA1 hashes you can use the trigger support in Class::DBI to handle the UPDATE statement above (a before INSERT or UPDATE trigger can hash the password field before it is sent to the database).

As for the SELECT statement, I would probably just create a custom method in your Class::DBI module that checked the password for you. It could hash the password and do the SQL call and return true or false. Your call to check a password could then simply be My::User->check_password($username, $password). There are examples in the Class::DBI docs that explain how to create your own custom SQL statements and wrap them up in a method.

- Cees