Perl CGI – Session and Cookie howto
Introduction –
Almost 2 year back (today also!) I struggled a lot for implementing session and cookie in Perl CGI application. So thought to share my work with you all. I wanted to do it in my way…
Assumption, your web server ie Apache is enabled to run CGI scripts
CGI directory location – /var/application/www/cgi-bin/
Htdocs location – /var/application/www/
Perl Module direcotry – /var/application/module/
Step 1] Write Auth.pm Perl module –
Please simply copy following Auth.pm perl module for authentication using Session and Cookies…
[root@arun ~]# cat /var/application/module/Auth.pm package Auth; ### Subroutine to authenticate user sub User { my ($ref_page) = (@_); ### Session information my $sid = $ref_page->cookie("APP_SID") || undef; my $session = CGI::Session->load(undef,$sid); if ( $session->is_expired ) { print $ref_page->redirect(-location => '../arun.html');} elsif ( $session->is_empty) { print $ref_page->redirect(-location => '../arun.html');} else { print $ref_page->header();} # don't forget to create dir '/var/tmp' # with proper ownership/permission #$session = new CGI::Session(undef, $sid, {Directory=>'/var/tmp'}); ################################################# return($session->param('login_user')); } 1; [root@arun ~]#
Step 2] authe_me.pl –
authe_me.pl file is used to set cookies and verify username/password. You may use MySQL DB to store username and password. In this case you have to this file…
[root@arun ~]# cat /var/application/www/cgi-bin/auth_me.pl #!/usr/bin/perl sub BEGIN { unshift (@INC, '/var/application/module/'); } use strict; use warnings; use CGI qw(:standard); use CGI::Session; use Auth; ## our module ### Header ######################## my $page = CGI->new(); ##print $page->header(); ########## if ( $ENV{REQUEST_METHOD} eq "POST" ) { my %form; my $session_dir="/var/tmp"; my ($admin_user,$admin_password) = ("admin","arun123"); foreach my $key (param()) { $form{$key} = param($key);} ## if (($form{username}) && ($form{password})) { ### Session Details ### CGI::Session->name("APP_SID"); ## Create new session my $session = new CGI::Session(undef, undef, {Directory=>$session_dir}); ## Set cookies my $cookie = $page->cookie(-name=>$session->name(),-value=>$session->id(),-expires=>'+2h',-path=>'/'); ## Store data in session variable and save it $session->param('login_user',$form{username}); # OR ##$session->param(-name=>'login_user',-value=>$form{username}); $session->save_param($page, ["login_user"]); ## Session and Cookie expiration time is SAME. $session->expire("+2h"); #### Session Details end #### ## if login successful redirect to main.pl else login page if (($form{username} eq $admin_user) and ($form{password} eq $admin_password)) { print $page->redirect(-location => 'main.pl',-cookie=>$cookie);} else { print $page->redirect(-location => '../arun.html'); } ############################ } else { print $page->redirect(-location => '../arun.html'); } } [root@arun ~]#
Step 3] Create Login Page –
[root@arun ~]# cat /var/application/www/arun.html <html> <title>Arun Login Page</title> <!-- Form start --> <table align='center' border='1'> <form method="POST" action="cgi-bin/auth_me.pl"> <tr> <td><label>Login</label></td> <td><input name="username" type="text"></td> </tr> <tr> <td><label>Password</label></td> <td><input name="password" type="password"><br/></td> </tr> <tr> <td><input value="Submit" type="submit"></td> </tr> </form> </table> </html> [root@arun ~]#
Step 4] Create main page where Session and Cookie authentication verified – main.pl
[root@arun ~]# cat /var/application/www/cgi-bin/main.pl #!/usr/bin/perl sub BEGIN { unshift (@INC, '/var/application/module/'); } use strict; use warnings; use CGI qw(:standard); use CGI::Session; use Auth; ### Header my $page = CGI->new(); ## check authentication my $login_name=Auth::User($page); ### print $page->start_html( -title=>'Arun Main Page'); print "<h3>This is Main Page</h3></br>"; print "<br>Login Name - $login_name"; #end [root@arun ~]#
Step 5] Please access login page and try http://your_ipaddr/arun.html
Thank you,
Arun
2 Replies to “Perl CGI – Session and Cookie howto”
hey actually i have made a online tool so how to maintain session. when user choose something on 1st page nd then submit it then it ll call another page and again after submitting the form it will do calculation and call final page. how to maintain session in this.
Hi Vikrant,
Save unique information in session and check session status on every page.
Regards,
Arun