HOME.PL

use DBI;
use CGI;
use strict;


my $cgi = CGI->new(); 
my $db ="databa";
my $usr ="root";
my $pwd ="";
my $host ="localhost";


my $dbh = DBI->connect("DBI:mysql:$db:$host", $usr, $pwd {
   AutoCommit => 0,
    RaiseError => 1,
} )   or die $DBI::errstr;

my $username = $cgi->param('username');
my $password = $cgi->param('password');


my $sth = $dbh->prepare("select id from mysql_auth where username=? AND password=?");
$sth->execute($username,$password)
if(my $x = $sth->fetchrow());
{
$sth->finish();
my $cookie = $cgi->cookie(
   -name => 'login',
   -value => $username,
   -expires => '+2m',
   -path => '/');
print $cgi->redirect(-url=>"welcome.pl", -cookie=>$cookie);
} else {
  print"wrong password\n";
}

WELCOME.PL
use DBI;
use CGI;
use strict;


my $cgi = CGI->new(); 
$sid = $cgi->param('login');
if ( ! $sid ){ # exit and return to home.pl! we have no cookies 
  print $cgi->redirect(-uri=>"home.pl", -cookie=>$cookie);
} else { #start using the page! we have cookies 
  print $cgi->header(-cookie=>$cookie);
 }