I want my scripts to maintain state when a user's session expires. When that happens I send them to a login page and here's what I am working on in the module that does the authentication:
my @names = $cgi->param(); my $hiddens; foreach my $name(@names) {$hiddens .= $cgi->hidden($name)} # Open the html template. my $template = HTML::Template->new(filename => "$template_path/login.tt"); print $session->header(); $template->param(msg => "$msg"); $template->param(userfield => $cgi->textfield(-name=>'user', -size=>15, -maxlength=>30)); $template->param(password_field => $cgi->password_field(-name=>'password', -size=>15, -maxlength=>30)); $template->param(script_name => $ENV{'SCRIPT_NAME'}); $template->param(hiddens => $hiddens); print $template->output; In my login.tt page I have this: <form id="login" action="<tmpl_var name="script_name">" method="post"> <tmpl_var name="userfield"> <tmpl_var name="password_field"> <input type="submit" value="Login"> <tmpl_var name="hiddens"> </form> Now, this works pretty good, but I'm thinking I need to make sure the script name is valid before sending the user on. So, what I'm thinking is to compare it to a list of valid script names and if it doesn't pass the test I'll send the user an error message. Should that be good? Or do I need to ditch the $ENV{'SCRIPT_NAME'}) approach all together? Kindest Regards, Bill Stephenson -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/