Listing 8: login.html

<!-- -*- mmm-classes: mason -*-
-->
<Head>

% if ($user_id) {
<Title>You have been logged in.</Title></Head>

<Body>
<H1>You have been logged in.</H1>

<P>Welcome back, <b><% $user_info->{username}
%></b>!</P>
% } else {

<Title>Invalid login.</Title></Head>

<Body>
<H1>Invalid login.</H1>

<P>Either your password was wrong, or no such user exists.</P>

% }

<%once>
my ($dbh, $sql, $sth, $result, $user_id, $user_info);
</%once,><\n>

<%init>
$dbh = $m->comp("database-connect.comp");

$sql = "SELECT user_id ";
$sql .= "FROM Users ";
$sql .= "WHERE username = ? ";
$sql .= "AND password = ? ";

$sth = $dbh->prepare($sql) || die qq{Error preparing
"$sql": $DBI::errstr};

$result = $sth->execute($username, $password)
    || die qq{Error preparing "$sql": $DBI::errstr};

# Get the user ID
($user_id) = $sth->fetchrow_array;

# Set the user ID for this session
$session{user_id} = $user_id;

# Now get information about the user
$user_info = $m->comp("get-user-info.comp", user_id => $user_id);
</%init>

<%args>
$username
$password
</%args>