NAME

Mail::SpamCannibal::Session - session management utilities

SYNOPSIS

  use Mail::SpamCannibal::Session qw(
        encode
        decode
        mac
        new_ses
        clean
        validate
        sesswrap
  );

  $encoded = encode($string);
  $string = decode($encoded);
  $mac = mac(@elements);
  $sess_id=new_ses($base64ID,$session_dir,\$error,$ses_val);
  $var = clean($tainted);
  $user=validate($session_dir,$sess_id,$secret,\$error,$expire);
  ($user,$content,$file)=validate($session_dir,$sess_id,$secret,\$error,$expire);
  $rv = sesswrap($command,$stdin);

DESCRIPTION

Mail::SpamCannibal::Session provides utilities to manage web sessions.

$encoded = encode($string);

This function encodes an ascii string into the URL and Filename safe Base64 character set. Character 62 (0x3E) "+" is replaced with a "-" (minus sign) and character 63 (0x3F) "/" is replaced with a "_" (underscore). Pad characters "=" are removed.
```
  input:        ascii string
  returns:      modified Base64 encoded string
```
$string = decode($encoded);

This function decodes a <URL and Filename safe> Base64 encoded string.
```
  input:        encoded string
  returns:      text string
```
$mac = mac(@elements);

This function makes a URL and Filename safe BASE64 MD5 hash of from the supplies text string(s). Character 62 (0x3E) "+" is replaced with a "-" (minus sign) and character 63 (0x3F) "/" is replaced with a "_" (underscore).
```
  input:        one or more input elements
  returns:      modified base64 string
```
$sess_id = new_ses($base64ID,$session_dir,\$error,$ses_val);

Create a new session and return the identifying string.
```
  input:        session directory path,
                base64 unique ID, (URL safe)
                secret key for MAC,
                pointer to $error scalar,
                [optional] value for session
                file contents, default -1
```
Normally the session file is created containing a -1 with the presumption that the login procedure and password verification was successful. If the application needs to track conditional login attempts, then the session value can be initialized to a positive value and the 'validate' function (below) will return a false (undef) for 'user' when called with a SCALAR return value. The application must set the session value negative for the 'user' string to be returned.
```
  returns:      session ID or undef
```

$var = clean($tainted);

Clean a tainted variable;

  input:        tainted var
  returns:      clean var

$user=validate($session_dir,$sess_id,$secret,\$error,$expire);
($user,$content,$file)=validate($session_dir,$sess_id,$secret,\$error,$expire);

Validate a current session. The session directory is swept for sessions that have exceeded the expire time (seconds), then checked for the presence of a matching session. On error, a descriptive message is placed in the external scalar $error and undef is returned.
```
  input:        session directory path,
                session ID,
                secret key for MAC,
                pointer to error,
                expire (seconds) [optional]
                        default = 15 minutes

  returns:      scalar: user name or undef
                array: (user,contents,sess file)
                        or ()
```
NOTE: in SCALAR mode, the return value will always be false if the session contents are > 0.
$rv = sesswrap($command,$stdin);

Execute a session wrap command and return results.
```
  input:        command string,
                stdin string [optional]
  returns:      wrapper output
```
The wrapper is opened with the command string in it's command line. $stdin, if any, is written to the wrapper's STDIN.

For calls which have a $stdin argument, this routine uses 'fork' and spawns a child httpd process. The routine is enhanced for modperl to properly kill off the child

DEPENDENCIES

        none

EXPORT_OK

        encode
        decode
        mac
        new_ses
        validate
        sesswrap

COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

AUTHOR

Michael Robinton <michael@bizsystems.com>

To install Mail::SpamCannibal, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Mail::SpamCannibal

CPAN shell

perl -MCPAN -e shell
install Mail::SpamCannibal

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)