views:

174

answers:

2

We just got our first major Perl CGI assignment in my CS class. Our task is to create an mp3 sharing site that allows users to create accounts, log in, share mp3's. Statistics must be shown of current users, mp3's available, etc. All actions must be written to a log file. Our code must be secure.

So far, I have implemented each of these actions separately as their own CGI scripts. For instance, I have a script that draws the login form, the registration form, a script that allows for mp3 uploads, and another that does the mp3 serving. I've also created a module that posts relevant information to a log file whenever I call an instance of it. However, each script is individual, with the exception of the Login screen, which draws a form and then posts to a login.cgi. The account generation works the same. But, for the most part, each acts on its own.

My question: How do I link this together so that no action is allowed unless the user is logged in? I assume that I should use the login script (the one that receives the post action) to drive everything, but how do I do it? I'm really at a loss here. I would like to have a user log in, a homepage is drawn with options (add mp3, listen mp3, show staistics, etc.) Is it best that I draw some sort of form and with actions set to the different scripts? How do I handle the return from these scripts? Would cookies help in some way?

Other relevant information: I've done most of my work so far in CGI.pm using the ovid tutorial found on this site and Lincoln Stein's book.

+4  A: 

What you want to implement is gererally called "session management".

look here (how-can-i-add-session-management-to-a-simple-perl-cgi-web-page) for a previous SO question

You might want to also look at these pages to get some background.

lexu
+7  A: 

See CGI::Application and CGI::Session with CGI::Application::Plugin::Session.

Sinan Ünür
+1 for CGI-App, the most underrated Perl webapp framework.
friedo
+1 for +1-ing CGI-App
Matthew Lock