Im creating a web application in Perl using CGI. This application implements the Model View Controller architecture and the system has the following structure in the root directory:
-models -views -controllers -index.pl
The file index.pl only includes the respective views according to certain parameters that are sent to it (using function param() ):
Here's my index.pl:
###############################################
# INDEX.PL
###############################################
#!/usr/bin/perl
use Switch;
use CGI qw/:standard/;
use strict;
use CGI::Session ( '-ip_match' );
my $session = CGI::Session->load();
print header, start_html;
print " Menu
";
if(!$session->is_empty){
#links to other files to which only logged users have access;
}
print 'Login
';
if(defined(param('p'))){
switch(param('p')){ }
##login form in html, which sends param('login') back to index.pl
case 'login' { require('views/login/login.pl'); }
else{ print "Page not found"; }
}
if(defined( param('login'))){
##if param is defined we execute login2.pl
require ('views/login/login2.pl');
}
As you can see if the link Login is accessed the log in form will show, then in the log in form after submitting the email and password the login2.pl file is supposed to load:
login2.pl
###############################################
LOGIN2.PL
###############################################
#!/usr/bin/perl
use CGI qw/:standard/;
use lib qw(../../);
use controllers::UserController;
use CGI::Session ( '-ip_match' );
my $session;
my $mail = param('mail');
my $password = param('password');
my $userc = new UserController();
my $user = $userc->findOneByMail($mail);
if($mail ne '')
{
if($mail eq $user->getEmail() and $password eq $user->getPassword())
{
$session = new CGI::Session();
$session->header(-location=>'index.exe');
}
else
{
print header(-type=>"text/html",-location=>"index.exe?p=login");
}
}
elsif(param('action') eq 'logout')
{
$session = CGI::Session->load() or die CGI::Session->errstr;
$session->delete();
print $session->header(-location=>'index.exe');
}
The login2.pl file executes correctly and it is supposed to create a new session when the mail and password are correct. However, i don't know if the variable $session is correctly sent to index.pl, because the index always shows only the links which do not require an active session. Another problem i have is that i cannot delete a session. I tried creating a variable $session in the index.pl file just to see if the conditional works, and then i supposedly deleted it with the following commands: $session->delete(); $session->flush(); but the session seems to continue to exist.