sub CreateSession {
    my ($user, $password) = @_;
   
    return "Wrong user/password"
        unless my_check_function($user, $password);

    return my_new_session_id($user, $password);
}

##</code><code>##

sub foo {
    my ($session_id) = @_;

    return "Authentication error" unless session_ok($session_id);

    return 'foo';
}