use DBI;
use CGI qw /:standard/;
use CGI::Cookie;
use warnings;

my %cookies = CGI::Cookie->fetch;
if (defined $cookies{'authorized'}){
        #redirect to search.cgi 
        print redirect("search.cgi");
}

if (param){
        my $username = param('username');
        my $password = param('password');
        my $dbh = DBI->connect("dbi:SQLite:dbname=/var/tmp/database.db","","");
        my $sth = $dbh->prepare("select * from users where
                                username = ? and password = ?");
        $sth->execute($username, $password);
        my @row = $sth->fetch_array;
        if (@row){
                #login successful

                # set 'authorized' cookie
                my $cookie = CGI::Cookie->new(
                        -name=>'authorized',
                        -value=>1,
                        -path=>'/~default/chinook');
                        #-expires=>'+10m');

                #redirect to search.cgi
                print redirect(-uri=>'search.cgi',
                                -cookie=>$cookie);


        }else{
                # login failed
                
        }
}
print header, start_html('Login'),h1('Login'),
start_form,
      "Username: ",textfield('username'),br,
      "Password: ",password_field('password'),br,
      submit('Enter'),
end_form, "\n";