Hi Rakesh,
Well, to block users from other IPs using a fake cookie we need to use use CGI::Session ( '-ip_match' );
Well, I've created a login page an index page, with login/logout capabilities, trying viewing the index page without logging in.
login.pl
Code: Perl
#!/usr/bin/perl
# login.pl
use CGI;
use CGI::Carp qw/fatalsToBrowser warningsToBrowser/;
use CGI::Session ( '-ip_match' );
$q = new CGI;
$usr = $q->param('usr');
$pwd = $q->param('pwd');
if($usr ne '')
{
# process the form
if($usr eq "demo" and $pwd eq "demo")
{
$session = new CGI::Session();
print $session->header(-location=>'index.pl');
}
else
{
print $q->header(-type=>"text/html",-location=>"login.pl");
}
}
elsif($q->param('action') eq 'logout')
{
$session = CGI::Session->load() or die CGI::Session->errstr;
$session->delete();
print $session->header(-location=>'login.pl');
}
else
{
print $q->header;
print <
<form method="post">
Username: <input type="text" name="usr">
Password: <input type="password" name="pwd">
<input type="submit">
</form>
HTML
}
index.pl
Code: Perl
#!/usr/bin/perl
# index.pl
use CGI;
use CGI::Carp qw/fatalsToBrowser warningsToBrowser/;
use CGI::Session ( '-ip_match' );
$session = CGI::Session->load();
$q = new CGI;
if($session->is_expired)
{
print $q->header(-cache_control=>"no-cache, no-store, must-revalidate");
print "Your has session expired. Please login again.";
print "<br/><a href='login.pl>Login</a>";
}
elsif($session->is_empty)
{
print $q->header(-cache_control=>"no-cache, no-store, must-revalidate");
print "You have not logged in";
}
else
{
print $q->header(-cache_control=>"no-cache, no-store, must-revalidate");
print "<h2>Welcome";
print "<a href='login.pl?action=logout'>Logout";
}
I hope this solves your problem.