use Crypt::CBC; use CGI; my $q = new CGI; my $encryption_method = "Blowfish"; # get cookie my ($login, $password, $pophost, $smtphost, $session) = getcookie(); ## do something here such as fill template et. al. # set cookie my $cookie = setcookie($login, $password, $pophost, $smtphost, $session); print $q->header(-cookie=>$cookie, -expires => "now"); print $template->output; ############################################ sub setcookie { ############################################ my $login = shift; my $password = shift; my $pophost = shift; my $smtphost = shift; my $session = shift; my $key = $ENV{UNIQUE_ID}; my $ciphertext; my $cipher = new Crypt::CBC($key, $encryption_method); $ciphertext = $cipher->encrypt($password); open ID, ">$Conf::tmp_dir/$session" or print_error("write_error"); print ID $key; close ID; my $cookie = $q->cookie( -name => "zf_webmail", -value => { pop3 => $pophost, smtp => $smtphost, login => $login, password => $ciphertext, id => $session, }, -expires => '+10m'); return $cookie; } ########################################### sub getcookie { ########################################### my %cookies = $q->cookie(-name => "zf_webmail"); my $login = $cookies{login}; unless ($login) { # no cookie -> no session # print error } else { my $ciphertext = $cookies{password} or print_error("no_cook_password"); my $pophost = $cookies{pop3} or print_error("no_cook_pop3"); my $smtphost = $cookies{smtp} or print_error("no_cook_smtp"); my $session = $cookies{id} or print_error("no_cook_session"); my $password; open ID, "$Conf::tmp_dir/$session" or print_error("read_error"); my $key = ; close ID; my $cipher = new Crypt::CBC($key, $encryption_method); $password = $cipher->decrypt($ciphertext); return ($login, $password, $pophost, $smtphost, $session); } }