We just got our first major Perl CGI assignment in my CS class. Our task is to create an mp3 sharing site that allows users to create accounts, log in, share mp3's. Statistics must be shown of current users, mp3's available, etc. All actions must be written to a log file. Our code must be secure.
So far, I have implemented each of these actions separately as their own CGI scripts. For instance, I have a script that draws the login form, the registration form, a script that allows for mp3 uploads, and another that does the mp3 serving. I've also created a module that posts relevant information to a log file whenever I call an instance of it. However, each script is individual, with the exception of the Login screen, which draws a form and then posts to a login.cgi. The account generation works the same. But, for the most part, each acts on its own.
My question: How do I link this together so that no action is allowed unless the user is logged in? I assume that I should use the login script (the one that receives the post action) to drive everything, but how do I do it? I'm really at a loss here. I would like to have a user log in, a homepage is drawn with options (add mp3, listen mp3, show staistics, etc.) Is it best that I draw some sort of form and with actions set to the different scripts? How do I handle the return from these scripts? Would cookies help in some way?
Other relevant information: I've done most of my work so far in CGI.pm using the ovid tutorial found on this site and Lincoln Stein's book.
See CGI::Application and CGI::Session with CGI::Application::Plugin::Session.
What you want to implement is gererally called "session management".
look here (how-can-i-add-session-management-to-a-simple-perl-cgi-web-page) for a previous SO question
You might want to also look at these pages to get some background.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With