You have to do this, not the server. Imagine user A is looking at a web page. On that web page, it says, "Hello user A", which is a result of a template, say, welcome.tmpl, which says "Hello user <TMPL_VAR USERNAME>", which, in turn, is filled by a script, say, query.cgi, which queries a data store $tmpl->param(USERNAME => $self->getuser).

Since query.cgi was called by user A, which caused welcome.tmpl to be filled with the retrieved values and sent back to user A, user B can never see what user A requested. This is because the web is stateless. One query does not know from another, even from the same user, let alone from different users. Unless...

Unless, user A is requesting something that is held in the server's memory. This is where things get screwy. This is where the concept of sessions comes in. Somehow, you, the programmer, has to ensure that the web server "remembers" who is requesting what. The web server can't do that on its own. You have to do something to make this happen. An excellent way to do that is by using a module such as CGI::Session, or CGI::Application::Plugin::Session, essentially a wrapper around the former.

Using sessions, you utilize a cookie (or a URI parameter) to make one request be connected to a previous request. Then you utilize that connection to make sure you are getting the correct data back for the user that has requested it.

Many thanks :)

I don't know whether I'm doing it correctly. I've a template page named form.tt. On this template, I've a template variable "key" (<TMPL_VAR key>). When a user A requests the page, the template variable is filled with a random MD5 hash. For illustration, here's the tear-down code:

use CGI;
our $q = new CGI;
sub do_form {
    my $href;
    $href->{key} = md5_hex(time() . '-' . $$ . '-' . rand());
    to_template(
        output => $href,
        tmpl   => 'form.tt'
    );
}

sub to_template {
    my %hash = @_;
    print $q->header;
    require Template;
    my $template = HTML::Template -> new(filename => "/templates/$hash
+{tmpl}");

    $template->param(map { defined $hash{output}->{$_} ? ($_ => $hash{
+output}->{$_}) : () } keys %{$hash{output}});
    print $template->output;
}

sub process_form {
    my $params = $q->Vars;
    debug($params->{key});
}
[download]

Assume users A and B access the form at the same time, both should get a different key set on their respective form. Am I right?

Now A and B submit the form at the same instant, does the variable $params->{key} hold the right value of each user? Is it possible for user B's submission to get the value of A's key?

Use a server that's well tested, and that's used by many others.