N
Nitin
I am trying to authenticate the user by using one variable and
checking for that in a oracle table. When I execute my code I always
get authenticated, evenif there is no entry for me in that table. here
is the code: -
---------------------------------------------------
#!/sbcimp/run/pd/perl/prod/bin/perl -w
$USERID = $ENV_ID;
$wobj = new CGI;
print $wobj->header();
print $wobj->start_html();
DBI->trace(1);
print $wobj->hr;
$dbh = DBI->connect('DBI:Oracle:ABC', 'ORACLE_DATA', 'xyz') || die
"Database co
nnection not possible: $DBI::errstr";
$sth = $dbh->prepare("SELECT LOGIN_ID FROM ADMINS WHERE LOGIN_ID =
'$USERID'") or die '$DBI::errstr';
$sth->execute() or die '$DBI::errstr';
$login_id = $sth->fetchrow_array();
if ($login_id = $USERID) {
print '<h1>You Are In</h1>';
print '<hr>';
} else {
print '<H1>You are out</H1>';
}
$sth->finish;
$dbh->disconnect();
print $wobj->end_html;
checking for that in a oracle table. When I execute my code I always
get authenticated, evenif there is no entry for me in that table. here
is the code: -
---------------------------------------------------
#!/sbcimp/run/pd/perl/prod/bin/perl -w
$USERID = $ENV_ID;
$wobj = new CGI;
print $wobj->header();
print $wobj->start_html();
DBI->trace(1);
print $wobj->hr;
$dbh = DBI->connect('DBI:Oracle:ABC', 'ORACLE_DATA', 'xyz') || die
"Database co
nnection not possible: $DBI::errstr";
$sth = $dbh->prepare("SELECT LOGIN_ID FROM ADMINS WHERE LOGIN_ID =
'$USERID'") or die '$DBI::errstr';
$sth->execute() or die '$DBI::errstr';
$login_id = $sth->fetchrow_array();
if ($login_id = $USERID) {
print '<h1>You Are In</h1>';
print '<hr>';
} else {
print '<H1>You are out</H1>';
}
$sth->finish;
$dbh->disconnect();
print $wobj->end_html;