use CGI;
my $q = new CGI;
sub set_cookie {
my ( $username ) = @_;
my $cookie = $q->cookie( -name => 'validated',
-value => $username,
-expires => '+1h',
);
print $q->header( -cookie=>$cookie );
}
####
# returns username stored in cookie if we have validated user or 0 if not
sub validate {
return $q->cookie('validated') if $q->cookie('validated');
return 0;
}
####
use CGI;
use Crypt::Blowfish;
use Crypt::CBC;
my $q = new CGI;
my $c = new Crypt::CBC( 'gnuisnotunix','Blowfish');
my $hidden_fields = '';
if ( validate( $q->param('username'), $q->param('password') ) {
my $hidden_fields = get_hidden_fields( $q->param('username');
show_database_form($hidden_fields)
}
else {
error( 'Invalid username/pass' );
}
sub validate {
my ( $username, $password ) = @_;
# validate using the user/pass
return 1 if $username eq 'foo' and $password eq 'bar';
# alternatively validate on the hidden fields
return 1 if validate_checksum();
return 0;
}
sub get_hidden_fields {
my $username = shift;
my $checksum = $c->encrypt_hex($username);
return <
HTML;
}
sub validate_checksum {
return $c->decrypt_hex($q->param('checksum')) eq $q->param('username') ? 1 : 0;
}
sub show_database_form {
my $hidden = shift;
return <
$hidden
blah blah
HTML
}