diff --git a/trunk/functions.pl b/trunk/functions.pl index 37a5859..d37447c 100644 --- a/trunk/functions.pl +++ b/trunk/functions.pl @@ -11,3 +11,14 @@ sub fill_tagcloud { $sth->finish(); $dbh->disconnect(); } + +sub get_username_from_sid { + my ($sid) = @_; + $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass); + my $sth = $dbh->prepare(qq{select username from users where sid = '$sid'}); + $sth->execute(); + my ($username) = $sth->fetchrow_array(); + $sth->finish(); + $dbh->disconnect(); + return $username; +} diff --git a/trunk/index.pl b/trunk/index.pl index 8a061bf..b6c6059 100644 --- a/trunk/index.pl +++ b/trunk/index.pl @@ -9,8 +9,7 @@ my $session = new CGI::Session; $page = XMLin('/var/www/perl/index.xml', ForceArray => 1, KeyAttr => {} ); #fill tags -$page->{sid} = [$session->id]; -$page->{loggedin} = [$session->param('auth')]; +$page->{username} = get_username_from_sid($session->id); fill_tagcloud; diff --git a/trunk/login.pl b/trunk/login.pl index 07197aa..38710f0 100644 --- a/trunk/login.pl +++ b/trunk/login.pl @@ -5,8 +5,9 @@ $session = new CGI::Session; $query = new CGI; if($query->param('action')) { + $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass); + if($query->param('action') eq "login") { - $dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass); my $user = $query->param('user'); my $pass = $query->param('pass'); my $sth = $dbh->prepare(qq{select username from users 
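Review bot: The new `get_username_from_sid` in functions.pl builds its query by interpolating `$sid` into the SQL text (`where sid = '$sid'`), so a quote character in the value changes the statement. Bind the value instead: `my $sth = $dbh->prepare('select username from users where sid = ?');` followed by `$sth->execute($sid);`. The same pattern is in the two `update users set sid = ...` statements added in the second login.pl hunk, where `$user` comes straight from `$query->param('user')`, so those need the placeholder form as well. The sub also assigns the package-level `$dbh` without `my` and never checks the result of `DBI->connect`, so a failed connection only surfaces as a method call on an undefined value at `prepare`.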
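Review bot: In index.pl, `$page->{username}` is assigned a bare scalar, while the two removed lines wrapped their values in array refs to match the `ForceArray => 1` structure that `XMLin` returns. If `$page` is later serialized with `XMLout` (not visible in this hunk), a scalar is written as an attribute rather than a child element, which may not be what the consumer of the page expects. The value is also undef whenever the session id matches no row, and with `loggedin` removed that undef is now the only "not logged in" signal. Consider `$page->{username} = [ get_username_from_sid($session->id) ];` plus a comment such as `# empty username means an anonymous session`.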
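Review bot: In the first login.pl hunk, the `DBI->connect` call moved to the top of the `action` block is unchecked and now runs for every request that carries an `action` parameter, including values that fall through to the `wtf?` branch. Unauthenticated requests with arbitrary actions therefore each open a database connection, and a failed connect shows up only as a method call on an undefined `$dbh`. Check the handle, for example `$dbh = DBI->connect("DBI:mysql:$database:$dbhost", $dbuser, $dbpass) or die "database connection failed: $DBI::errstr";`, keeping that detail in the server log rather than the response. Connecting only inside the `login` and `logout` branches would avoid the extra connections. The `if($query->param('action'))` block opened here closes outside this hunk.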
@@ -16,25 +17,30 @@ if($query->param('action')) { $sth->execute(); if($sth->fetchrow_array()) { - $session->param('auth', 'true'); + my $sid = $session->id; + $sth = $dbh->prepare(qq{update users set sid = '$sid' where username = '$user'}); + $sth->execute(); + $sth->finish(); print $session->header(); print "logged in"; } else { print $session->header(); - print $query->param('action'); + print "could not log you in"; } - $sth->finish(); - $dbh->disconnect(); - } elsif($query->param('action') eq "logout") { - $session->param('auth', 'false'); + $sth = $dbh->prepare(qq{update users set sid = '' where username = '$user'}); + $sth->execute(); + $sth->finish(); + $session->delete(); print $session->header(); print "logged out"; } else { print $session->header(); print "wtf?"; } + + $dbh->disconnect(); } else { print $session->header(); print '
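Review bot: The logout branch interpolates `$user`, but `my $user` is declared inside the `login` branch in the previous hunk, so here it resolves to the package variable `$user`, which nothing visible sets. The statement then runs as `where username = ''` and the `sid` of the user who is logging out stays in the table. Clear the row by session id before `$session->delete()`, using a placeholder: `$sth = $dbh->prepare(q{update users set sid = '' where sid = ?});` followed by `$sth->execute($session->id);`. On the login side, the id written to `users.sid` is the one the visitor already held before authenticating; unless a fresh session id is issued elsewhere, an account ends up bound to a pre-login identifier, so issuing a new id on successful login is worth considering.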