use DBI;
use CGI qw /:standard/;
use CGI::Cookie;
use warnings;

#print header('text/plain');

my %cookies = CGI::Cookie->fetch;

if (! defined $cookies{'authorized'})
{
        if (param)
        {
                my $username = param('username');
                my $password = param('password');
                my $dbh = DBI->connect("dbi:SQLite:dbname=/path/to/database.db","","");
                my $sth = $dbh->prepare("select * from users where
                                        username = ? and password = ?");
                $sth->execute($username,$password);
                my @row = $sth->fetchrow_array;

                if (@row)
                {
                        #login successful, set authorized cookie
                        my $cookie = CGI::Cookie->new(
                                -name=>'authorized',
                                -value=>1,
                                -path=>'/default/path');
                                #-expires=>'+10m');
                        print redirect(-uri=>'search.cgi',-cookie=>$cookie);


                }

                else
                {
                        &print_login;
                        exit;
                }

        }

        else
        {
                &print_login;
                exit;
        }
}

print redirect('search.cgi');
exit;

sub print_login
{
        print header, start_html('Login'),h1('Login'),
        start_form,
                "Username: ",textfield('username'),br,
                "Password: ",password_field('password'),br,
                submit('Enter'),
        end_form, end_html;
        exit;
}