... use constant SESSION_TIME => '60000'; #ms ... # ---- CGI my $cgi = CGI->new(); my $query = $cgi->Vars(); # ---- SETTINGS my %subs = (); $subs{relative_url} = $cgi->url(-relative=>1); $subs{full_url} = $cgi->url(-full=>1); ... print $cgi->header(-charset=>'ISO-8859-1', -expires=>'+1s', -type=>'text/html', ); if( (exists $query->{sid}) # wenn session existiert and validate_session( $query->{sid} ) ){ # und gültig ist #session verlängern $query->{sid} = time() . "XY" . (split /XY/, $query->{sid})[1]; #settings $subs{self} = $subs{relative_url} . '?sid=' . $query->{sid} . '&file=' . $query->{file}; $subs{query} = '?sid=' . $query->{sid} . '&file=' . $query->{file}; $subs{domain} = "http://" . DOMAIN; $subs{sid} = $query->{sid}; $subs{file} = $query->{file}; ... }else{ #wenn keine session existiert / session nicht gültig ist if( exists $query->{action} and $query->{action} eq "login" and main::validate_login($query->{usn}, $query->{pwd}) ){ $query->{sid} = time() . "XY" . rand(1); $query->{sid} =~ s/\./PT/g; #settings $subs{self} = $subs{relative_url} . '?sid=' . $query->{sid} . '&file=' . $query->{file}; $subs{query} = '?sid=' . $query->{sid} . '&file=' . $query->{file}; $subs{domain} = "http://" . DOMAIN; # erstes einloggen => INDEX print qq~
SID: $query->{sid}
~; print qq~file: $query->{file}
~; }else{ print $loginForm; } } exit( 1 ); ... # -------------------------------------------------------- # SUBS # -------------------------------------------------------- sub validate_login{ # ---- usage # if( validate_login( $query->{usn}, $query->{pwd} ) ){ print "Login ok!\n"; } # ---- requirements # modul: Crypt::PasswdMD5 # $passfile -> File mit USN|PWD(cryptedBy: Crypt::PasswdMD5)\n my ($usn, $pwd) = @_; my $return = 0; open(DAT, $passfile) || die "$! ($passfile)"; flock DAT, 1 if UNIX; my @passfile =