Session Management with Mason

Listing 4: register.html

<!-- -*- mmm-classes: mason -*-
-->

% # Check to see if all of the required arguments arrived.
% # unless ($username and $password and $password_hint and $email_address)
% {
<Head><Title>Missing information</Title></Head>
<Body>
<H1>Missing information</H1>

<P>Sorry, but your registration information could not be saved because
it was missing the following:</P>

<ul>
% unless ($username) {
<li> Username
% }

% unless ($password) {
<li> Password
% }

% unless ($password_hint) {
<li> Password hint
% }

% unless ($email_address) {
<li> E-mail address
% }
</ul>

<P>Please go <a href="register-form.html">back</a>,
and fill in the missing information.</P>

</Body>
% } else {

<%perl>
# Let's see if this username is already taken
$sql = "SELECT user_id ";
$sql .= "FROM Users ";
$sql .= "WHERE username = ?";

$sth = $dbh->prepare($sql);
$result = $sth->execute($username);

my ($user_name_taken) = $sth->fetchrow_array;
$sth->finish;
</%perl>

% if ($user_name_taken) {

<Head><Title>Username already taken</Title></Head>
<Body>
<H1>Username already taken </H1>

<P>Sorry, but the username <b><% $username %></b>
has already been taken by someone else.
Please try to <a href="register-form.html">register</a>
with a different username.</P>

% } else {

<%perl>
# Since this username is unique, we can
# store this user's information in the database

$sql = "INSERT INTO Users ";
$sql .= " (username, password, password_hint, email)";
$sql .= " VALUES ";
$sql .= " (?, ?, ?, ?)";

$sth = $dbh->prepare($sql);
$result = $sth->execute($username, $password, $password_hint,
$email_address); $sth->finish;
</%perl>

% if ($result) {
% $user_id = $dbh->{"mysql_insertid"};
% $session{user_id} = $user_id;

<Head><Title>Registration inserted</Title></Head>
<Body>
<H1>Registration inserted</H1>
<P>Your registration was successful.</P>

<P>Welcome, <b><% $username %></b>!</P>

% } else {

<Head><Title>Error registering</Title></Head>
<Body>
<H1>Error registering</H1>
<P>Sorry, but your registration was unsuccessful.</P>

% } # Checking $result

% } # Checking $user_name_taken

% } # Ending top-level if/else

<%once>
my ($dbh, $sql, $sth, $result, $user_id);
</%once>

<%init>
$dbh = $m->comp("database-connect.comp");
</%init>

<%args>
$username => undef
$password => undef
$password_hint => undef
$email_address => undef
</%args>