#  $session and $user came from cookie
use MD5 ;
	
my $md5 = new MD5 ;
$md5->reset ;

#create ceritficate
my $yday = (localtime)[7];
my $certif = $username . $yday . do4k.g0 . $ENV{'HTTP_USER_AGENT'}  .  $ENV{'REMOTE_ADDR'}  ;

# encrypt Certificate
$md5->add($certif);
my $enc_cert = $md5->hexdigest() ;

#compare
if($enc_cert eq $session) {
   # we're logged in - run script ;
} else {
   # we're not logged in - disp error msg
}