sub authenticate 
{ 
    my ($user, $pass); 
    if($query->param("user")) 
    { 
        $user = $query->param("user"); 
        $pass = md5_hex($query->param("pass")); 
    } 
    elsif($query->cookie("lyr_bat")) 
    { 
        ($user, $pass) = split /-/, $query->cookie('lyr_bat'); 
    } 

    if($user and $pass) 
    { 
        my $users = $conn->query("SELECT * FROM lyr_users WHERE user = ?", $user); 
        if($pass eq $users->field("pass")) 
        { 
            $users->field("last_logon", time); 
            $users->update("id"); 
            $cur_user = $user; 
            return $query->cookie(-name => 'lyr_bat', -value => "$user-" . $users->field("pass"), -expires => '+10m', -path => '/') unless $query->param("node") eq "logout"; 
         } 
     } 
     if($query->param("node") eq "logout") 
     { 
         if($user) 
         { 
             my $users = $conn->query("SELECT * FROM lyr_users WHERE user = ?", $user); 
             $users->field("last_logon", 0); 
             $users->update("id"); 
         } 
         $cur_user = undef; 
         return $query->cookie(-name => 'lyr_bat', -value => ''); 
     } 
     return []; 
}

##</code><code>##

my $cookie = authenticate(); 
print $query->header(-cookie => $cookie);