NAME
UserSID - Managing of Session IDs for Users on CGI- and console-scripts
SYSTEM REQUIREMENTS
To use this modul you should have Digest::SHA1 installed.
SYNOPSIS
use Digest::UserSID;
ABSTRACT
The modul uses Digest:SHA1 to create and manage user session-id's which are beeing created by sha1, sha1_hex or sha1_base64 .
Session-id's are valid as long a time-range is used or special environment-variables don't change, depending on the used functions. It's possible to use functions in object-oriented style as well as in function-oriented style.
Session-id's can be generated via CGI as well as from console. Using Digest::UserSID to generate secure CGI-session-id's adds the possibility to use environment-variables for identification.
The current version of Digest::UserSID is available at CPAN and at http://cgi.xwolf.com/ .
DSLI
Digest::UserSID adph Managing session-id's with Digest::SHA1 XWOLF
DESCRIPTION
Object-oriented
new
Creates a new reference for the session id's (SID). It also reads in $UserSID::FILE if possible and saves existing session id's into the hash %UserSID::DATA. Takes a filename in replace for $UserSID::FILE as argument. Example:
use Digest::UserSID;
my $sid = new Digest::UserSID;
my $res = $sid->create($user,$string);
print "key: $sid->{'sha'}\n";
print "time: $sid->{'time'}\n";
dbmopen(%hash,$UserSID::FILE,0644);
%test = %hash;
dbmclose(%hash);
print "Reading UserSID-Data:\n";
my $key;
foreach $key (keys %test) {
print "\t$key: $test{$key}\n";
}create
Gets a SID-reference and a string (e.g. a username) as argument and returns a SHA1-string. Additionally the SHA1-string will be saved in the file given in $UserSID::FILE together with the inputstring and the localtime.
remove
Removes all data of a SID from the $UserSID::FILE, making the SID invalid.
read
$sid->read($loginname), where $loginname is the string for the username and $SID the reference, will return TRUE if this SID was created with $sid-create($loginname) before and the delay between creation and reading is not longer as $UserSID::MAXSECONDS seconds. Also the fields $sid->{'sha'}, $sid->{'time'} and $sid->{'user'} will be filled, where $sid->{'user'} equals $loginname.
update
This function will update the field $sid->{'time'} to the current localtime.
Function-oriented, with use for CGI
makewebsid
Returns a session-string that can be used as a session-variable for CGI-scripts. Needs a string, e.g. a username as argument. Example:
my $pass = makewebsid($user);
print "User $user got SID $pass.....";checkwebsid
Checks if the session-string is still valid and if the used environment is still the same as at calling makewebsid(). Example:
if (checkwebsid($user,$pass)) {
print "SID ok\n";
} else {
print "SID invalid.\n";
}Please note, that checkwebsid() will automatically remove the saved data of a requested $user, if it's not valid in time anymore.
getuserbysid
Returns the username (the string used at makewebsid()) by using the session-string as argument.
removewebsid
Removes all data for the session-id.
AUTHOR INFORMATION
Copyright 1999-2001, Wolfgang Wiese. All rights reserved.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
Address bug reports and comments to: xwolf@xwolf.com. When sending bug reports, please provide the version of UserSID.pm, the version of Perl and the name and version of the operating system you are using.
CREDITS
Thanks very much to:
SEE ALSO
the Digest::SHA1 manpage
1 POD Error
The following errors were encountered while parsing the POD:
- Around line 558:
You forgot a '=back' before '=head1'