#!/usr/bin/perl
use CGI::Carp qw(fatalsToBrowser);
use CGI qw(:all);
use CGI::Cookie;
use DBI;
use Digest::MD5 qw(md5_hex);
require("../functions.cgi");
require("../config.cgi");
%cookies = fetch CGI::Cookie;
if (defined($cookies{'user_id'}))
{
print "Content-type: text/html\n\n";
print "You are already logged in.";
print "\n";
exit;
}
if (!($ENV{'REQUEST_METHOD'} eq "POST"))
{
{
print "Content-type: text/html\n\n";
print qq~
~;
}
}
else
{
$username = (param('form_user'));
$userpass = (param('form_pass'));
$userpass = md5_hex($userpass);
#check the database
my $dbh = DBI->connect("DBI:mysql:$edt_dbase", $mysql_user, $mysql_pass) or print DBI->errstr;
my $sth = $dbh->prepare("SELECT * FROM $users_table WHERE username = '$username' AND user_password = '$userpass'");
$sth->execute;
if ($sth->rows < 1)
{
print "Content-type: text/html\n\n";
print "Login information incorrect.";
$dbh->disconnect;
print "\n";
exit;
}
else
{
while ($data = $sth->fetchrow_hashref)
{
$u_id = $$data{"user_id"};
my $auth_user = new CGI::Cookie(-name => 'user_id',
-value => $u_id);
my $auth_pass = new CGI::Cookie(-name => 'user_pass',
-value => $userpass);
#$cookieset = $auth_user . ";" . $auth_pass;
print "Set-Cookie: $auth_user\n";
print "Set-Cookie: $auth_pass\n";
print "Content-type: text/html\n\n";
print "Welcome " . $username . ", you have successfully logged in.\n";
print "\n";
}
}
$dbh->disconnect;
}
}
print "(..)";