#!/usr/bin/perl
use strict;
use warnings;
use CGI;
use CGI qw(:standart);
use CGI::Carp qw(fatalsToBrowser);
use HTML::Template;
use Digest::MD5 qw(md5_hex);
use DBI;
require("config.cgi");
our %config;
my $cgi = CGI->new();
my $template = HTML::Template->new(filename => "$config{'path'}/check.tmpl");
my $user_input = CGI::param('user');
my $pass_input = CGI::param('pass');
if(($user_input eq "") || ($pass_input eq ""))
{
$template->param(
path => $config{'htmlpath'},
weiterleitung => "index.cgi",
farbe => "red",
checkausgabe => "Please insert your Username and Password"
);
}
elsif((defined($user_input)) && (defined($pass_input)))
{
my $user = md5_hex($user_input);
my $pass = md5_hex($pass_input);
if(($user eq $config{'login_user'}) && ($pass eq $config{'login_pass'}))
{
my $session_id = int(rand(9999999999));
my $sid = md5_hex($session_id);
$template->param(
path => $config{'htmlpath'},
weiterleitung => "online.cgi?id=$sid",
farbe => "green",
checkausgabe => "Welcome Master"
);
my $dbh = DBI->connect("dbi:mysql:$config{'mysql_db'}", "$config{'mysql_user'}", "$config{'mysql_pass'}");
my $sth = $dbh->prepare("SELECT SessionID FROM session_id") || die "$DBI::errstr
";
$sth->execute() || die "$DBI::errstr
";
my $ausgabe = $sth->fetchrow_array();
if($ausgabe eq "")
{
$sth = $dbh->prepare("INSERT INTO session_id SET SessionID=MD5('$session_id')") || die "$DBI::errstr
";
$sth->execute() || die "$DBI::errstr
";
$sth->finish();
}
else
{
$sth = $dbh->prepare("UPDATE session_id SET SessionID=MD5('$session_id')") || die "$DBI::errstr
";
$sth->execute() || die "$DBI::errstr
";
$sth->finish();
}
}
else
{
$template->param(
path => $config{'htmlpath'},
weiterleitung => "index.cgi",
farbe => "red",
checkausgabe => "Wrong Username or Password! Please try again ..."
);
}
}
else
{
$template->param(
path => $config{'htmlpath'},
weiterleitung => "index.cgi",
farbe => "red",
checkausgabe => "OH MY GOD «ERROR» "
);
}
print $cgi->header();
print $template->output();