in reply to reg access of stored session variable
I've never used CGI::Session, but this looks wrong:
my $session = CGI::Session->new((undef, $cgi, {Directory=>"/tmp"})); $session = CGI::Session->new();
Do you mean to overwrite the $session variable here?
Also, your DB query in the first script looks susceptible to an SQL injection.
In Section
Seekers of Perl Wisdom