#!/usr/bin/perl

use strict;
use warnings;

use CGI::Session;
use CGI;

my $SIDNAME = CGI::Session->name();

my $cgi = CGI->new;
my $sid = $cgi->cookie($SIDNAME) || $cgi->param($SIDNAME) || undef;

my $session = CGI::Session->load() or die CGI::Session->errstr();
if ( $session->is_empty ) {
    $session = CGI::Session->new() or die CGI::Session->errstr();
}

if ( $session->is_expired() ) {
    print $session->header(),
        $cgi->start_html(),
        $cgi->p("Your session timed out! Refresh the webpage!"),
        $cgi->end_html();
    exit(0);
}

$sid = $session->id;

my $cookie = $cgi->cookie( -name => $SIDNAME, -value => $sid );

my $username = $cgi->param('user') || '';
my $password = $cgi->param('pwd')  || '';

if ( $username ne '1' or $password ne '1' ) {    # Loginparameter falsch
    print $session->header;
    print qq(
		<h1>Login</h1>
		<form action="?$SIDNAME=$sid" method="POST">
		<p>
		User    : <input type="text" name="user">
		<br>
		Passwort: <input type=text name="pwd">
		<br>
		<input type="submit" value="Login">
		<input type="hidden" name="$SIDNAME" value="$sid">
		</p>
		</form>
);
    exit;
}
else {    # Login ok!
    $session->param( 'user',      $username );
    $session->param( 'loggedin',  1 );
    $session->param( 'lastvisit', "" . localtime() );

    print $session->header(
        -location => "intro.pl?$SIDNAME=$sid",
        -cookie   => $cookie,
    );
}