Re: elsif loop

first - you select records (in fact, very probably only *one* record that has the userid $username).
i'm pretty sure you only have one row with that userid.

second - then you go over that row(s) and compare $username to the fetched userid. don't you trust your database? for what reason do you do a 'where userid = ?' anyway?

third - you're preparing $sth and execute $usr - a mistake?

my $sth = $db->prepare( q{SELECT userid, password from user where user
+id = ?} ) or die $dbh->errstr;
$sth->execute($username) or die $dbh->errstr;
my ($uid, $pass) = $sth->fetchrow_array;
if ($pass ne $hashPassword) {
  error();
}
[download]

Comment on Re: elsif loop Download Code

Replies are listed 'Best First'.
Re^2: elsif loop by Anonymous Monk on Dec 12, 2006 at 15:55 UTC
Thanks for all the comments. I have considered each of them. I don't think i have access to the server logs for the server i am working on, so i can't check the exact perl error when i get an internal server error. Where should these logs be? When i applied jberts first example example all cases work fine except when an incorrect username and password are entered. In that case i get an internal server error. `if($username eq $row[0] && $hashPassword eq $row[1]) { # Go to the new page } else { error(); }` [download] Using the second example i am given access to the next page with the correct user name and an incorrect password. Does anyone know why this is happening?	[reply] [d/l]
Re^3: elsif loop by nimdokk (Vicar) on Dec 12, 2006 at 17:26 UTC
Just a suggestion for troubleshooting. Especially since you may not have access to server logs. Try taking the logic you are using and putting it into a script you can run from the commandline to make sure the logic works the way you expect before putting it into the CGI script. Once you get that working (and know it works their), then put it back in and test it with the CGI app. I've often found simplifying a script will help get to the root of the problem and a fix is fairly apparent at that point. Adding `use strict` and `use warnings` in the test script will also help. Hope that helps.	[reply] [d/l] [select]