#!/usr/bin/perl -wT # auth.cgi use DBI; use strict; use CGI qw(:standard); require "./shared.pl" or die "Can't find file. $!\n"; my $user = param('username'); my $pass = param('password'); my $action = param('action'); my $dbh = DB_Connect(); Logout() if($action eq "logout"); Login_Page() unless($pass); my $valid = Check_Login($user, $pass); if($valid) { my $cookie = Create_Cookie("1h", $user); print redirect(-uri=>"main.cgi", -cookie=>$cookie); exit; } else{ my $time = time(); print redirect(-uri=>"auth.cgi?$time"); exit; } sub Logout{ my $time = time(); my $cookie = Create_Cookie("-1h", ""); print redirect(-uri=>"auth.cgi?$time", -cookie=>$cookie); exit; } sub Create_Cookie{ my $exp = shift; my $val = shift; my $cookie = cookie( -name => 'dms', -value => $val, -expires => $exp ); return($cookie); } sub Check_Login{ my $user = shift; my $pass = shift; my $data; my $sth = $dbh->prepare( qq{ SELECT password FROM dms_users WHERE username = ? } ); $sth->execute($user); $data = $sth->fetch; $sth->finish; $dbh->disconnect; ($data->[0] eq $pass) ? return 1 : return 0; } sub Login_Page{ print header(); print<DMS Example

Welcome to the DMS Example

Username:
Password:

HTML exit; }