#!perl.exe
use strict;
use IO::Handle;
use DBI;
use CGI;
use CGI::Session;
use CGI::Carp qw(fatalsToBrowser warningsToBrowser);
my $dbhost = "localhost";
my $database = "sensor";
my $dbuser = "root";
my $dbpass = "";
my $dsn = "DBI:mysql:database=$database; host=$dbhost";
my $dbh = DBI->connect($dsn, $dbuser, $dbpass) or die DBI::errstr;
my $cgi = new CGI;
my $select;
my $passwort;
my $user;
my $i=0;
my $session;
my $SESSION_EXPIRESAFTER = '+1h'; # nach einer Stunde, notfalls länger 1 W oder 1M
my $SIDNAME = CGI::Session->name();
my $sid = $cgi->cookie($SIDNAME) || $cgi->param($SIDNAME) || undef;
$session = CGI::Session->load() or die CGI::Session->errstr();
$session->expires($SESSION_EXPIRESAFTER);
if ( $session->is_empty )
{
$session = CGI::Session->new() or die CGI::Session->errstr();
}
if ( $session->is_expired() )
{
print $session->header(),
$cgi->start_html(),
$cgi->p("Your session timed out! Refresh the webpage!"),
$cgi->end_html();
exit(0);
}
my $cookie = $cgi->cookie(
-name => $SIDNAME, -value => $sid,
-httponly => 1,
-expires => $SESSION_EXPIRESAFTER,
);
$sid = $session->id;
my $errormessage;
if($cgi->param('login'))
{
$select = $dbh->prepare("select benutzer,passwort from benutzer WHERE benutzer=? AND passwort=?;");
$select->execute($cgi->param('user'), $cgi->param('pwd'));
while(($user, $passwort) = $select->fetchrow_array)
{
if(($user eq $cgi->param('user')) && ($passwort eq $cgi->param('pwd')))
{
$i++;
$session->param( 'user',$user );
$session->param( 'loggedin', 1 );
$session->param( 'lastvisit', "" . localtime() );
my $next_url = 'intro.cgi';
print $session->header
(
-location => $next_url,
-cookie => $cookie
);
print "Anmeldung erfolgreich! Sie werden weitergeleitet...";
exit;
}
}
if(! $i)
{
$errormessage = "Anmeldung fehlgeschlagen!";
}
}
print $session->header( -type => 'text/html');
print "";
print "";
print "";
print "