Valuable bonus points* will be awarded to the first person to detect the stupid error found in this code snippet:
# Check the login credentials
my $username = untaint_string($self->query->param("username"));
my $password = untaint_string($self->query->param("password"));
if($username ne "" and $password ne "")
my $user = KW::Users->retrieve($username);
if($user and $user->login_password eq encrypt($password))
# Last check! User info matches, but are they active?
if($user->active_yn eq "Y")
# Log the user in
$self->param("message", "Please enter a valid username and password combination.")
unless $self->session->param("is_logged_in", 1);
# Return the user to their chosen destination
Stupid mistake aside, there's a bigger issue above that I am unsure as to how to deal with. Traditionally, I've used the session parameter message when I've wanted to tell my output function to throw a message at the top of the page (to indicate an error, etc.). I've always done this in the context of a single script before - for example, user is trying to login (as above), fails the login (and therefore sets a message), and I call the function to redisplay the login form again, and the message gets displayed. Nowadays, I'm potentially redirecting to another script in another process, and so my message parameter goes out of scope. Any suggestions on how to do what I want?
Thanks in advance!
* Valuable Bonus Points have no real or imaginary value. They do, however, give you bragging rights (for whatever THAT is worth!)