in reply to setting a cookie on login

Make sure the script starts with 
#!/full/path/to/perl -wT
use strict;
use CGI qw(some imports);
#... rest of program

[download]
then...

You defenitively do not want to store the user name in any form in the cookie. I'd use CGI::Session. General operation looks like this: 

use CGI::Session;

my $query = CGI->new;
my $session = CGI::Session->new(driver:File", $query, {Directory=>'/tm
+p'});

# check if user logged in...
if (validate($query->param('user'),$query->param('user'))) {
   $session->param('user') = $query->param('user');
}

my $user_name = $session->param('user'); #get user name from the sessi
+on (undef unless logged in).

unless ($user_name) {
  # user is not logged in
}
else {
  # user is $user_name
}

# before you print out any content do
print $session->header(); # like $query->header() but with session coo
+kie

[download]
Oh yeah:

Don't forget to clean out '/tmp' once in a while, as this code uses files to store the sessions.

Use the FreezeThaw serializer for CGI::Session if you want to store objects in the session, the default serializer doesn't work for objects.

more info in the CGI::Session documentation

"What should it profit a man, if he should win a flame war, yet lose his cool?"

In Section Seekers of Perl Wisdom