problem fetching *only one* value.

N

Nitin

I am trying to authenticate the user by using one variable and
checking for that in a oracle table. When I execute my code I always
get authenticated, evenif there is no entry for me in that table. here
is the code: -
---------------------------------------------------
#!/sbcimp/run/pd/perl/prod/bin/perl -w
$USERID = $ENV_ID;
$wobj = new CGI;
print $wobj->header();
print $wobj->start_html();
DBI->trace(1);
print $wobj->hr;
$dbh = DBI->connect('DBI:Oracle:ABC', 'ORACLE_DATA', 'xyz') || die
"Database co
nnection not possible: $DBI::errstr";
$sth = $dbh->prepare("SELECT LOGIN_ID FROM ADMINS WHERE LOGIN_ID =
'$USERID'") or die '$DBI::errstr';
$sth->execute() or die '$DBI::errstr';
$login_id = $sth->fetchrow_array();
if ($login_id = $USERID) {
print '<h1>You Are In</h1>';
print '<hr>';
} else {
print '<H1>You are out</H1>';
}
$sth->finish;
$dbh->disconnect();
print $wobj->end_html;
 
N

Nitin

Hi Jim,

Thanks, that = was an oversight i guess :-| But, even now my code
validates me every time, evenif my name is not in the specified table.
Now the code looks like this: -
--------------------------------------------------------------
#!/sbcimp/run/pd/perl/prod/bin/perl -w
use CGI qw/:all/;
use CGI::Carp qw/fatalsToBrowser/;
use DBI;
use strict;
my $USERID = $ENV_ID;
my $wobj = new CGI;
print $wobj->header();
print $wobj->start_html();
DBI->trace(1);
print $wobj->hr;
my $dbh = DBI->connect('DBI:Oracle:xyz', 'abc', 'fgh') || die
"Database connection not possible: $DBI::errstr";
my $sth = $dbh->prepare("SELECT LOGIN_ID FROM ADMINS WHERE LOGIN_ID =
'$USERID'") || die '$DBI::errstr';
$sth->execute() || die '$DBI::errstr';
my @row = $sth->fetchrow_array();
my $login_id = $row[0];
if ($login_id eq $USERID) {
print '<H1>You are an admin</H1>';
print '<hr>';
} else {
print '<H2>You are not an admins</H2>';
}
$dbh->disconnect();
print $wobj->end_html;
--------------------------------------------------------------

Not sure what is the problem now. Would appreciate your reply.

Thanks in advance.

Nitin

{PS: I have tried all the three options which you specified
previously.)
 
J

Joe Smith

Nitin said:
my $USERID = $ENV_ID;
Click to expand...

That sets $USERID to undef.
my $login_id = $row[0];
Click to expand...

You're not testing to see if fetchrow_array was successfull,
so that value could easily be undef.
if ($login_id eq $USERID) {
print '<H1>You are an admin</H1>';
Click to expand...

if ($login_id) {
print "<H1>You are logged in as $login_id</H1>\n";
} else {
print "<H2>Invalid attempt to use '$login_id' as login id<H2>\n";
}


-Joe
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

MySQL RENAME TABLE error 3
Need suggestions to improve code 2
yet another question about numbers and strings 3
Fail extracting table from .mdb file using DBI module 6
DBI:Pg script returning 'can't call method' error 3
Trying to access DB 2
UPDATE DB 8
question on "if () " 12

Members online

Total: 30 (members: 2, guests: 28)
Robots: 432

Forum statistics

Threads
473,769
Messages
2,569,576
Members
45,054
Latest member
LucyCarper

Latest Threads

Top