# # when a submit happens check session time use CGI; use CGI::Carp; use DBI; my $cgi = CGI->new; my $dbh = DBI->connect('DBI:{driver}:{params}','userid','password') or die "Failed to connect to database" . $DBI::errstr; my $key = $cgi->param('session_key'); # # Force a login if no session key is present print $cgi->redirect('/cgi-bin/login.cgi') unless $key; # Retrieve session info my $sth = $dbh->prepare('select userid,session_time from session where session_key = ?') or die $dbh->errstr; $sth->execute($key); my ($userid,$session_time) = $sth->fetchrow_array(); # # Empty results? Session is invalid print $cgi->redirect('/cgi-bin/login.cgi') unless ($userid) && ($session_time); my $now = time(0); my $passing=$now - $session_time; # Check to see if the session has timed out # if ( $passing > SESSION_TIMEOUT ) { # timeout happened; invalidate the session $sth=$dbh->prepare ('delete from session where session_key = ?') or die $dbh->errstr; $sth->execute($key); print $cgi->redirect('/cgi-bin/login.cgi'); } # # Session is valid, update the time stamp $sth=$dbh->prepare('update session set session_time = ?'); $sth->execute($now); # # and proceed on