It will be easier for you to find the error if you can see the SQL that your program attempts to run. There are many ways to do this. One is to use the RaiseError option of DBI to "force errors to raise exceptions rather than simply return error codes in the normal way", then use eval to catch the exception and display the SQL and parameters. Something like the following:

#!C:/Perl64/bin/perl.exe 
use strict;
use warnings;
use DBI; 
use CGI; 
 
my $cgi = new CGI; 
 
##Create table using cgi 
$dbh = DBI->connect(
    "dbi:mysql:TestDB",
    'root','zulfi12345', {
        RaiseError  => 1,
    }
) or die "Unable to connect: $DBI::errstr\n"; 
 
my $username   = $cgi->param( 'username' ) || ''; 
my $password   = $cgi->param ('password') || ''; 
my $submit     = $cgi->param( 'submit' ) || ''; 
 
my $sth = $dbh->prepare("

SELECT username, password
FROM users
WHERE
    username = ? and
    password = ?
    
"); 

my @values = ($username, $password);

eval {
    $sth->execute(@values);
};

if($@) {
    die "Execution of\n" . $sth->{Statement} . "\n" .
    "with: @values\n" .
    "failed with: $@\n ";
}


my $found=0; 
while(my $row = $sth->fetchrow_hashref) { 
    $found=1; 
} 

if ($found==1) { 
    print "Welcome";
}

[download]

I have made a few other changes here that you might consider for your own code:

I added use strict; and use warnings;. These are not relevant to your immediate problem but I use them generally and suggest you do too. You can read more about them at Use strict and warnings and elsewhere.

Because I added use strict;, I also added my to declare variables as lexically scoped. There are other ways to conform to the "strict" constraints, but this is an easy one to get started that usually does what I want (and probably you too) and you can learn and use the others as need arises.

I have used Placeholders and Bind Values in the SQL statement. This avoids the need to escape 'special' characters in the values in your SQL. This helps to avoid 'SQL injection', which you should learn about.

In reply to Re: problem with login script by ig
in thread problem with login script by zak100

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.