On Sunday, June 1, 2003, at 04:39 PM, Annie wrote:
I have a form with two textfields ..one for login and one for password and two buttons reset and submit. on submit i need to verify the login and password from a table in mysql and want to retrieve the corresponding information of the verified id and password.
right now my perl code is able to retrieve all the fields of the table. i need to do the above...can anyone guide me.
Here is some examples of getting data off the web and vice versa -
(NOTE - you may need to fix line wrapping issues caused by mailing.)
#!/usr/bin/perl -w # Author: Daniel Stringfield ([EMAIL PROTECTED]) # Purpose: Web interface/database for Mentoring Skills list # # NEW Purpose: Web interface/database Test Bed for MySQL...
use DBD::mysql; use CGI qw(:all); use Socket;
my $query = new CGI; $| = 1; my $mentorcgi = "http://www.fccj.org/cgi/mentors.pl";; my $dbid = "someID"; my $dbpass = "somePW"; my $db = "mentor"; my $dbhost = "www.fccj.org"; my $dbh = DBI->connect("DBI:mysql:$db:$dbhost",$dbid,$dbpass);
print header;
#open(FCCJH, "/usr/lib/cgi/fccjheader");
#while (<FCCJH>) {
#print $_ ; }if (!param('cmd')) {
print "<br><center>Welcome to the Faculty Mentoring Skills List</P></center>";
print "<center>You may <a href=\"http://www.fccj.org/cgi/mentors.pl?cmd=list\";>List All Faculty Mentors</a> or <a href=\"http://www.fccj.org/cgi/mentors.pl?cmd=search\";>Search By Skill</a></center>";
}
if (param('cmd') eq "search") {
print "<center><table width=580 border=0><FORM method=\"GET\" action=\"$mentorcgi\">";
print "<tr><td>Skill to search for:</td><td><input type=text name=skill></td></tr>";
print "<tr><td><input type=hidden name=cmd value=\"dosearch\"></td></tr>";
print "<tr><td><center><input type=submit value=\"Search\"></center></td></tr>";
print "</FORM></table></center>";
}
if (param('cmd') eq "dosearch") {
my $skill = param('skill');
my $statement = "select uid,skill,si from skills where skill like \"%$skill%\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rc = $sth->execute
|| die "Can not execute $statement: $!";
my @row = $sth->fetchrow_array;
print "<center><table width=580 border=1>";
print "<tr><td><b>Name</b></td><td><b>Skill</b></td><td><b>Email</b></ td><td><b>Phone</b></td></tr>";
while(@row) {
my $statement = "select name,email,phone from mentors where uid=\"$row[0]\"";
my $namesth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rc = $namesth->execute
|| die "Can not execute $statement: $!";
my @name = $namesth->fetchrow_array;
print "<tr><td><a href=\"$mentorcgi?cmd=show&uid=$row[0]\">$name[0]</a></td><td>$row[1]</ td><td><a href=\"mailto:$name[1]\";>$name[1]</a></td><td>$name[2]</td></tr>";
@row = $sth->fetchrow_array; } print "</table></center>"; }
if (param('cmd') eq "list") { listmentors(); }
if (param('cmd') eq "show") { showmentor(); }
if (param('cmd') eq "delskill") {
my $si = param('si');
my $statement = "select skill,uid from skills where si=\"$si\"";
my $sth = $dbh->prepare($statement)
|| die "Can't prepare $statement: $!";
my $rc = $sth->execute
|| die "Can not do $statement: $!";
my @skill = $sth->fetchrow_array;
my $rv = $sth->finish;
my $uid = $skill[1];
$statement = "select name from mentors where uid=\"$uid\"";
$sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
$rc = $sth->execute
|| die "Can not do $statement: $!";
my @row = $sth->fetchrow_array;
$rv = $sth->finish;
print "<center><table width=580 border=0><FORM method=\"POST\" action=\"$mentorcgi\">";
print "<tr><td><b>Delete skill for $row[0]</b></td><td>$skill[0]</td></tr>";
print "<tr><td>PROFS ID:</td><td><input type=text name=profsid size=8 maxlength=8></td><td>PROFS Password:</td>";
print "<td><input type=password name=pass size=10><input type=hidden name=uid value=\"$uid\"><input type=hidden name=si value=\"$si\"></td><td><input type=hidden name=cmd value=\"dodelskill\"></td></tr>";
print "<tr><td><center><input type=submit value=\"Delete\"></center></td></tr>";
print "</FORM></table></center>";
}
if (param('cmd') eq "editskill") {
my $si = param('si');
my $statement = "select skill,uid from skills where si=\"$si\"";
my $sth = $dbh->prepare($statement)
|| die "Can't prepare $statement: $!";
my $rc = $sth->execute
|| die "Can not do $statement: $!";
my @skill = $sth->fetchrow_array;
my $rv = $sth->finish;
my $uid = $skill[1];
$statement = "select name from mentors where uid=\"$uid\"";
$sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
$rc = $sth->execute
|| die "Can not do $statement: $!";
my @row = $sth->fetchrow_array;
$rv = $sth->finish;
print "<center><table width=580 border=0><FORM method=\"POST\" action=\"$mentorcgi\">";
print "<tr><td><b>Edit skill for $row[0]</b></td><td>$skill[0]</td></tr>";
print "<tr><td>Update skill as:</td><td><input type=text name=skill value=\"$skill[0]\"></td><td><input type=hidden name=uid value=\"$uid\"></td></tr>";
print "<tr><td>PROFS ID:</td><td><input type=text name=profsid size=8 maxlength=8></td><td>PROFS Password:</td>";
print "<td><input type=password name=pass size=10><input type=hidden name=uid value=\"$uid\"><input type=hidden name=si value=\"$si\"</td><td><input type=hidden name=cmd value=\"doeditskill\"></td></tr>";
print "<tr><td><center><input type=submit value=\"Submit Changes\"></center></td></tr>";
print "</FORM></table></center>";
}
if (param('cmd') eq "doeditskill") {
my $si = param('si');
my $uid = param('uid');
(my $profsid = param('profsid')) =~ tr/a-z/A-Z/;
(my $pass = param('pass')) =~ tr/a-z/A-Z/;
my $skill = param('skill');
my $statement = "select profsid from mentors where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rv = $sth->execute
|| die "Can not do $statement: $!";
my @row = $sth->fetchrow_array;
my $finish = $sth->finish;
if ($row[0] eq $profsid) {
my $profcheck = join(' ', $profsid, $pass);
my $answer;
my $remoteserver = "fccjvm.fccj.cc.fl.us";
my $proto = 6;
my $port = 1952;
my $serveraddr = (gethostbyname($remoteserver))[4];
socket(PROFS, PF_INET, SOCK_STREAM, $proto)
|| die "Can not create socket: $!";
connect(PROFS, pack("S n a4 x8", AF_INET(), $port, $serveraddr))
|| die "Can not connect to $remoteserver: $!";
send(PROFS, $profcheck, 0);
recv(PROFS, $answer, 132, 0);
close(PROFS);
if ($answer eq "30" || $answer eq "31") {
print "<center><b>Incorrect PROFS ID or password.</b></center>";
} else {
$statement = "update skills set skill=\"$skill\" where si=\"$si\"";
$sth = $dbh->do($statement)
|| die "Can not do $statement: $!";
}
} else {
print "<br><center>Incorrect PROFS ID for this user.</center>";
}
showmentor();
}
if (param('cmd') eq "dodelskill") {
my $uid = param('uid');
my $si = param('si');
(my $profsid = param('profsid')) =~ tr/a-z/A-Z/;
(my $pass = param('pass')) =~ tr/a-z/A-Z/;
my $skill = param('skill');
my $statement = "select profsid from mentors where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rv = $sth->execute
|| die "Can not do $statement: $!";
my @row = $sth->fetchrow_array;
my $finish = $sth->finish;
if ($row[0] eq $profsid) {
my $profcheck = join(' ', $profsid, $pass);
my $answer;
my $remoteserver = "fccjvm.fccj.cc.fl.us";
my $proto = 6;
my $port = 1952;
my $serveraddr = (gethostbyname($remoteserver))[4];
socket(PROFS, PF_INET, SOCK_STREAM, $proto)
|| die "Can not create socket: $!";
connect(PROFS, pack("S n a4 x8", AF_INET(), $port, $serveraddr))
|| die "Can not connect to $remoteserver: $!";
send(PROFS, $profcheck, 0);
recv(PROFS, $answer, 132, 0);
close(PROFS);
if ($answer eq "30" || $answer eq "31") {
print "<center><b>Incorrect PROFS ID or password.</b></center>";
} else {
$statement = "delete from skills where si=\"$si\"";
$sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
$rc = $sth->execute
|| die "Can not execute $statement: $!";
}
} else {
print "<br><center>Incorrect PROFS ID for this user.</center>";
}
showmentor();
}
if (param('cmd') eq "addskill") {
my $uid = param('uid');
my $statement = "select name from mentors where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rc = $sth->execute
|| die "Can not do $statement: $!";
my @row = $sth->fetchrow_array;
print "<center><table width=580 border=0><FORM method=\"POST\" action=\"$mentorcgi\">";
print "<tr><td><b>Add skill for<br> $row[0]</b></td></tr>";
print "<tr><td>Skill to Add:</td><td><input type=text name=skill1 size=40></td></tr>";
print "<tr><td>Skill to Add:</td><td><input type=text name=skill2 size=40></td></tr>";
print "<tr><td>Skill to Add:</td><td><input type=text name=skill3 size=40></td></tr>";
print "<tr><td>Skill to Add:</td><td><input type=text name=skill4 size=40></td></tr>";
print "<tr><td>Skill to Add:</td><td><input type=text name=skill5 size=40></td></tr>";
print "<tr><td>PROFS ID:</td><td><input type=text name=profsid size=8 maxlength=8></td><td>PROFS Password:</td>";
print "<td><input type=password name=pass size=10><input type=hidden name=uid value=\"$uid\"></td><td><input type=hidden name=cmd value=\"doaddskill\"></td></tr>";
print "<tr><td><center><input type=submit value=\"Add\"></center></td>";
print "<td><a href=\"$mentorcgi?cmd=show&uid=$uid\">Cancel</a></td></tr>";
print "</FORM></table></center>";
}
if (param('cmd') eq "doaddskill") {
my $uid = param('uid');
(my $profsid = param('profsid')) =~ tr/a-z/A-Z/;
(my $pass = param('pass')) =~ tr/a-z/A-Z/;
my @skills = param('skill1');
if (param('skill2')) { push(@skills, param('skill2')); }
if (param('skill3')) { push(@skills, param('skill3')); }
if (param('skill4')) { push(@skills, param('skill4')); }
if (param('skill5')) { push(@skills, param('skill5')); }
my $statement = "select profsid from mentors where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rv = $sth->execute
|| die "Can not do $statement: $!";
my @row = $sth->fetchrow_array;
my $finish = $sth->finish;
if ($row[0] eq $profsid) {
my $profcheck = join(' ', $profsid, $pass);
my $answer;
my $remoteserver = "fccjvm.fccj.cc.fl.us";
my $proto = 6;
my $port = 1952;
my $serveraddr = (gethostbyname($remoteserver))[4];
socket(PROFS, PF_INET, SOCK_STREAM, $proto)
|| die "Can not create socket: $!";
connect(PROFS, pack("S n a4 x8", AF_INET(), $port, $serveraddr))
|| die "Can not connect to $remoteserver: $!";
send(PROFS, $profcheck, 0);
recv(PROFS, $answer, 132, 0);
close(PROFS);
if ($answer eq "30" || $answer eq "31") {
print "<center><b>Incorrect PROFS ID or password.</b></center>";
} else {
foreach $skill(@skills) {
$statement = "insert into skills (skill,uid) values (\"$skill\",$uid)";
$sth = $dbh->do($statement)
|| die "Can not do $statement: $!";
}
}
} else {
print "<br><center>Incorrect PROFS ID for this user.</center>";
}
showmentor();
}
if (param('cmd') eq "addmentor") {
print "<center><table width=580 border=0>";
print "<FORM method=\"POST\" action=\"$mentorcgi\">";
print "<tr><td>Name:</td><td><input type=text name=name size=20></td>";
print "<td><input type=hidden name=cmd value=\"doaddmentor\"</td></tr>";
print "<tr><td>Email Address:</td><td><input type=text size=20 name=email></td><td>Phone Number:</td><td><input type=text name=phone size=8></td></tr>";
print "<tr><td>PROFS ID:</td><td><input type=text name=profsid size=8 maxlength=8></td>";
print "<td>PROFS Password:</td><td><input type=password name=pass size=8 maxlength=8></td></tr>";
print "<tr><td></td><td><input type=submit value=Add></td><td><input type=reset value=\"Clear Entries\"></td></tr>";
print "</form></table></center>"; }
if (param('cmd') eq "doaddmentor") {
my $name = param('name');
my $email = param('email');
my $phone = param('phone');
(my $profsid = param('profsid')) =~ tr/a-z/A-Z/;
(my $pass = param('pass')) =~ tr/a-z/A-Z/;
my $profcheck = join(' ', $profsid, $pass);
my $answer;
my $remoteserver = "fccjvm.fccj.cc.fl.us";
my $proto = 6;
my $port = 1952;
my $serveraddr = (gethostbyname($remoteserver))[4];
socket(PROFS, PF_INET, SOCK_STREAM, $proto)
|| die "Can not create socket: $!";
connect(PROFS, pack("S n a4 x8", AF_INET(), $port, $serveraddr))
|| die "Can not connect to $remoteserver: $!";
send(PROFS, $profcheck, 0);
recv(PROFS, $answer, 132, 0);
close(PROFS);
if ($answer eq "30" || $answer eq "31") {
print "<center><b>Incorrect PROFS ID or password.</b></center>";
} else {
my $statement = "insert into mentors (name,phone,email,profsid) values (\"$name\",\"$phone\",\"$email\",\"$profsid\")";
my $sth = $dbh->do($statement); } listmentors(); }
if (param('cmd') eq "delmentor") {
my $uid = param('uid');
my $statement = "select name from mentors where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rc = $sth->execute
|| die "Can not execute $statement: $!";
my @row = $sth->fetchrow_array;
print "<br>";
print "<center><B>WARNING!</b></center>";
print "<center>This will PERMANTLY DELETE $row[0] from this list!</center>";
print "<center><form method=\"POST\" action=\"$mentorcgi\"><table border=0 width=580>";
print "<tr><td><input type=hidden name=uid value=\"$uid\"></td><td><input type=hidden name=cmd value=dodelmentor></td></tr>";
print "<tr><td>PROFS ID:</td><td><input name=profsid size=8></td><td>PROFS Password:</td><td><input type=password name=pass size=10></td></tr>";
print "<tr><td>Are you SURE?</td><td><SELECT name=doublecheck><option>NO<option>YES</select></td><td><center><input type=submit value=\"Delete\"></center></td></tr>";
print "</table></form></center>"; }
if (param('cmd') eq "dodelmentor") {
my $uid = param('uid');
(my $pass = param('pass')) =~ tr/a-z/A-Z/;
(my $profsid = param('profsid')) =~ tr/a-z/A-Z/;
my $statement = "select profsid from mentors where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rc = $sth->execute
|| die "Can not execute $statement: $!";
my @row = $sth->fetchrow_array;
if (param('doublecheck') eq "YES") {
if ($profsid eq $row[0]) {
my $profcheck = join(' ', $profsid, $pass);
my $answer;
my $remoteserver = "fccjvm.fccj.cc.fl.us";
my $proto = 6;
my $port = 1952;
my $serveraddr = (gethostbyname($remoteserver))[4];
socket(PROFS, PF_INET, SOCK_STREAM, $proto)
|| die "Can not create socket: $!";
connect(PROFS, pack("S n a4 x8", AF_INET(), $port, $serveraddr))
|| die "Can not connect to $remoteserver: $!";
send(PROFS, $profcheck, 0);
recv(PROFS, $answer, 132, 0);
close(PROFS);
if ($answer eq "30" || $answer eq "31") {
print "<br><center>Incorrect PROFS ID or password.</center>";
} else {
my $statement = "delete from skills where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rc = $sth->execute
|| die "Can not execute $statement: $!";
my $rv = $sth-finish;
my $statementm = "delete from mentors where uid=\"$uid\"";
my $sthm = $dbh->prepare($statementm)
|| die "Can not prepare $statementm: $!";
my $rcm = $sthm->execute
|| die "Can not execute $statementm: $!";
my $rvm = $sthm->finish;
listmentors();
}
} else {
print "<br><center>Incorrect PROFS ID for this user.</center>";
}
} else {
showmentor();
}}
if (param('cmd') eq "editmentor") {
my $uid = param('uid');
my $statement = "select name,email,phone from mentors where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare $statement: $!";
my $rc = $sth->execute
|| die "Can not execute $statement: $!";
my @row = $sth->fetchrow_array;
print "<center><form method=\"POST\" action=\"$mentorcgi\"><table border=0 width=580>";
print "<tr><td>Change information for:</td><td><b>$row[0]</b></td><td><b>$row[1]</b></td><td><b>$row[2]</ b></td></tr>";
print "<tr><td>Name:</td><td><input type=text name=name value=\"$row[0]\"></td><td><input type=hidden name=cmd value=\"doeditmentor\"</td></tr>";
print "<tr><td>Email Address:</td><td><input type=text name=email value=\"$row[1]\"</td><td><input type=hidden name=uid value=\"$uid\"></td></tr>";
print "<tr><td>Phone Number:</td><td><input type=text name=phone value=\"$row[2]\"</td></tr>";
print "<tr><td>PROFS ID:</td><td><input type=text name=profsid></td><td>PROFS Password:</td><td><input type=password name=pass></td></tr>";
print "<tr><td></td><td><center><input type=submit value=\"Submit Changes\"></center></td><td><center><a href=\"$mentorcgi?cmd=show&uid=$uid\">Cancel</a></center></td></tr>";
print "</table></form></center>"; }
if (param('cmd') eq "doeditmentor") {
my $uid = param('uid');
my $phone = param('phone');
my $email = param('email');
my $name = param('name');
(my $profsid = param('profsid')) =~ tr/a-z/A-Z/;
(my $pass = param('pass')) =~ tr/a-z/A-Z/;
my $profcheck = join(' ', $profsid, $pass);
my $answer;
my $remoteserver = "fccjvm.fccj.cc.fl.us";
my $proto = 6;
my $port = 1952;
my $serveraddr = (gethostbyname($remoteserver))[4];
socket(PROFS, PF_INET, SOCK_STREAM, $proto)
|| die "Can not create socket: $!";
connect(PROFS, pack("S n a4 x8", AF_INET(), $port, $serveraddr))
|| die "Can not connect to $remoteserver: $!";
send(PROFS, $profcheck, 0);
recv(PROFS, $answer, 132, 0);
close(PROFS);
if ($answer eq "30" || $answer eq "31") {
print "<center><b>Incorrect PROFS ID or password.</b></center>";
} else {
my $statement = "update mentors set name=\"$name\",phone=\"$phone\",email=\"$email\" where (uid=$uid and profsid=\"$profsid\")";
my $sth = $dbh->do($statement); } showmentor(); }
sub listmentors() {
my $statement = "select name,email,phone,uid from mentors";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare Get List: $!";
my $rv = $sth->execute
|| die "Can not Get List: $!";
my @row = $sth->fetchrow_array;
print "<br><center><table width=580 border=1>";
print "<tr><td><b>Name</b> <a href=\"$mentorcgi?cmd=addmentor\">Add Mentor</a></td>";
print "<td><b>Skills</b></td><td><b>Email</b></td><td><b>Phone</b></td><tr>";
while (@row) {
print "<tr align=top><td><a href=\"$mentorcgi?cmd=show&uid=$row[3]\">$row[0]</a></td>";
print "<td><lu>";
$statement = "select skill from skills where uid=\"$row[3]\"";
my $ssth = $dbh->prepare($statement)
|| die "Can not prepare Get List: $!";
my $srv = $ssth->execute
|| die "Can not Get List: $!";
my @srow = $ssth->fetchrow_array;
while (@srow) {
print "<li>$srow[0]</li>";
@srow = $ssth->fetchrow_array;
}
print "</lu></td><td><a href=\"mailto:$row[1]\";>$row[1]</a></td>";
print "<td>$row[2]</td></tr>";
@row = $sth->fetchrow_array;
}
print "</table></center>";
my $finish = $sth->finish;
}
sub showmentor() {
my $uid = param('uid');
my $statement = "select name,email,phone from mentors where uid=\"$uid\"";
my $sth = $dbh->prepare($statement)
|| die "Can not prepare Get List: $!";
my $rv = $sth->execute
|| die "Can not Get List: $!";
my @mentorrow = $sth->fetchrow_array;
print "<br><center><table width=580 border=0>";
print "<tr><td><b>Name</b></td><td><b>Email</b></td><td><b>Phone</b></ td><td><a href=\"$mentorcgi?cmd=delmentor&uid=$uid\">Delete</a></td></tr>";
print "<tr><td>$mentorrow[0]</td><td><a href=\"mailto:$mentorrow[1]\";>$mentorrow[1]</a></td><td>$mentorrow[2]</ td><td><a href=\"$mentorcgi?cmd=editmentor&uid=$uid\">Edit</a></td><tr>";
print "</table></center>";
my $mentorfinish = $sth->finish;
$statement = "select skill,si from skills where uid=\"$uid\"";
$sth = $dbh->prepare($statement)
|| die "Can not prepare Get Skills: $!";
$rv = $sth->execute
|| die "Can not get skills list: $!";
my @skillsrow = $sth->fetchrow_array;
print "<br><center><table width=580 border=0>";
print "<tr><td><b>Skills</b></td>";
print "<td><a href=\"$mentorcgi?cmd=addskill&uid=$uid\">Add New Skill</a></td></tr>";
while (@skillsrow) {
print "<tr><td>$skillsrow[0]</td>";
print "<td></td><td><a href=\"$mentorcgi?cmd=editskill&si=$skillsrow[1]\">Edit</a></td>";
print "<td><a href=\"$mentorcgi?cmd=delskill&si=$skillsrow[1]\">Delete</a></td></tr>";
@skillsrow = $sth->fetchrow_array;
}
print "</table></center>";
my $skillsfinish = $sth->finish;
}
finishthis();
sub finishthis() {
if (param('cmd')) {
print "<br><center><table width=580 border=2>";
print "<tr><td><center><a href=\"$mentorcgi\">Back to Main</a></td>";
if (param('cmd') ne "list") { print "<td><center><a href=\"$mentorcgi?cmd=list\">List Mentors</a></td>"; }
if (param('cmd') ne "search") { print "<td><center><a href=\"$mentorcgi?cmd=search\">Search Skills</a></td>"; }
print "</tr></table>";
}
#open(FCCJF, "/usr/lib/cgi/fccjfooter");
#while (<FCCJF>) { print $_ ; }
my $rc = $dbh->disconnect;
}
__END__
HTH/Sx
http://InSecurity.org/ _Sx____________________ ('> iudicium ferat //\ Have Computer - v_/_ Will Hack...
\|/ ____ \|/
"@'/ .. \`@"
/_| \__/ |_\
\__U_/
-- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
