use CGI;
use DBI;
my $cgi = CGI->new();
my $db = DBI->connect(....) or die $DBI::errstr;
....

&checksession($cgi, $db);

sub checksession {
  my ($cgi, $db) = @_;
  my $sessionId = $cgi->cookie('sessionid');
  if ($sessionId) {
    my $sessionIdSecure = $db->quote($sessionId);
    my $statement = qq~SELECT * FROM user, access WHERE sesionId = $sessionIdSecure AND ....~;
    my $sth = $db->prepare($statement);
    unless ($sth) { # fehlerabfrage
      die "Error in preparing statement: ", $db->errstr;
    }
    unless ($sth->execute) {
      die "Error in executing statement: ", $db->errstr;
    }
# ..... usw.


} # checksesssion