in reply to Re^2: Premature end of script headers issue
in thread Premature end of script headers issue

Add an or die $sth->errstr to the fetchrow_hashref to see what went wrong with the call to the Database.

CountZero

"If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law

Replies are listed 'Best First'.
Re^4: Premature end of script headers issue
by Anonymous Monk on Jan 10, 2005 at 21:18 UTC
    Hey, now we have an error!! 
    fetch() without execute() at login.cgi line 98.

    [download]
    I still don't know what it means but the real question is why this could have worked yesterday and NOW it has this problem (whatever it is). It worked, then it stopped working for a day and no one knew what happened. Then it worked for a few days and now it's back to the same problem (I assume it's the same problem).

    What is the error asking for now?

    Thanks very much for your help.

[reply]
[d/l]
      Somehow the $sth->execute seems to have gotten skipped.

      Change the following 

      my $sth = $dbh->prepare("SELECT * FROM $users_table WHERE username = '
+$username' AND user_password = '$userpass'");
        $sth->execute;

      [download]
      to 
      my $sth = $dbh->prepare("SELECT * FROM $users_table WHERE username = ?
+ AND user_password = ?");
        $sth->execute($username,$userpass) or die $dbh->errstr;

      [download]
      It is a more secure way of doing things (protects against arbitrary SQL code injection attacks -- has nothing to do with your present problem)

      The only reason I can see why your script sometimes runs and sometimes doesn't run is in a combination of inputs which skips the execute code. Are you sure all the if ... then ... else ...-logic is OK?

      CountZero

      "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law

[reply]
[d/l]
[select]
        I was thinking the same thing about the if/else setup. This script was originally created by someone a few years ago and it DID work back then.

        I rewrote the order of the script and I changed the if/else thinking that might be catching (or not catching) if the case may be. Now I'm certain everything is loading in the order it should but it still hangs up when it hits the test print #4.

        The code really isn't that long or complex and I've been working on getting this to work since about 10am this morning. The entire script is posted below incase you or anyone else can come up with any other suggestions.

        Thank you for your help.

        #!/usr/bin/perl

use CGI::Carp qw(fatalsToBrowser);

use CGI qw(:all);
use CGI::Cookie;
use DBI;
use Digest::MD5 qw(md5_hex);

require("../funcs.cgi");
require("../con.cgi");

%cookies = fetch CGI::Cookie;


##################
# THEY ARE ALREADY LOGGED IN
#   SKIP THIS PAGE
###################

if (defined($cookies{'user_id'}))
{
    print "Content-type: text/html\n\n";
    print "You are already logged in.";
    print "<script>window.location = 'index.cgi';</script>\n";
    exit;
}


##################
# THE FORM HAS BEEN SUBMITTED
#
###################

if (param())

    {
               print "Content-type: text/html\n\n";
                use CGI::Carp qw(fatalsToBrowser);
        $username = (param('form_user'));
        $userpass = (param('form_pass'));
        $userpass = md5_hex($userpass);

        #check the database
print "test<br>";

        my $dbh = DBI->connect("DBI:mysql:$edt_dbase", $mysql_user, $m
+ysql_pass) or print DBI->errstr;
                my $sth = $dbh->prepare("SELECT * FROM $users_table WH
+ERE username = '$username' AND user_password = '$userpass'");
                $sth->execute;




print "test2<br>";
        
        if ($sth->rows < 1)
        {
            print "Content-type: text/html\n\n";
            print "Login information incorrect.";
            $dbh->disconnect;
            print "<script>window.location = 'login.cgi';</script>\n";
            exit;
        }

        else
        {
            
print "test3<br>";
            while ($data = $sth->fetchrow_hashref or die $sth->errstr)
            {

print "test4<br>";
                $u_id = $$data{"user_id"};

                my $auth_user = new CGI::Cookie(-name        =>       
+ 'user_id',
                                                -value        =>      
+  $u_id);
     
                my $auth_pass = new CGI::Cookie(-name        =>       
+ 'user_pass',
                                                -value        =>      
+  $userpass);
                
                
                #$cookieset = $auth_user . ";" . $auth_pass;
                print "Set-Cookie: $auth_user\n";
                print "Set-Cookie: $auth_pass\n";
                
                print "Content-type: text/html\n\n";
                print "Welcome " . $username . ", you have successfull
+y logged in.\n";
                                print "$u_id = UID";
                print "<script>window.location = 'index.cgi';</script>
+\n";
            }
        }
        $dbh->disconnect;

exit;

    }


else
{
##################
# NOTHING IS HAPPENING SO LET'S
#  PRINT THE FORM
###################
    {
        print "Content-type: text/html\n\n";

        print qq~

        <table border='1'>
        <form method="post" action="">
        <tr>
            <td>
                <b>Username:</b>
            </td>

            <td>
                <input type='text' length='30' name='form_user'>
            </td>
        </tr>

        <tr>
            <td>
                <b>Password:</b>
            </td>

            <td>
                <input type='password' length='30' name='form_pass'>
            </td>
        </tr>
        
        <tr>
            <td colspan='2'>
                <input type='submit'>
            </td>
        </tr>
        </form>
        </table>

        ~;
    }
}


    
#print "(..)";

        [download]
[reply]
[d/l]

In Section Seekers of Perl Wisdom