This isnt really a complete program per se - I just placed it here so I wont lose it again. -Sx- #............................................................................ sub verifySessionID { my($encryptBIT, $profsID, $realFN, $realLN, $prjSec, $prjComment) = ''; chdir($Sessions) or &ioError("vsID Directory, CD"); my($xMatched) = 0; # What Sessions are currently active? opendir TARGETDIR, "." or &ioError("vsID Directory, Read"); my(@allfiles) = grep !/^\./, readdir TARGETDIR; closedir TARGETDIR; if (!@allfiles && !$xAuthenticated) { $ercType = "FATAL:"; $buffer = "Security Violation Detected... " . remote_addr(); $ercCode = "

Session ID Missing -- Do not try to break-in!

"; $fccjPointer->delete('flipBit'); &errorReturned($ercType, $buffer, $ercCode); } if ($xAuthenticated) { my($newSessionID) = ''; # One Session ID File per Remote Addr and UserID, # if there is a dup, previous Session is destroyed... # This is our first time thru this Script... $xMatched = 1; # We matched; because this is a new user... $newSessionID = remote_addr() . ".FCCJ." . $usrID; open (sessionHandle, "+>$newSessionID") or &ioError("vsID \(1\) File Create"); # Create a NEW file, over-writing the OLD one... print sessionHandle (remote_addr() . "\|$usrID\|$flipBit\n"); close (sessionHandle); print " Done!"; return; } elsif (@allfiles) { my($newSesID) = '.'; my($x) = -1; for (@allfiles) { $x++; # Let us start at 0, then increment... # Now, we will need to read the file contents... open (sHandle, $allfiles[$x]) or &ioError("vsID \(1\) File Read"); while ($newSesID = ) { chomp($newSesID); # Get rid of CR at end-of-line... my($remoteAddr, $remoteUsrID, $remoteSessionID) = split(/\|/, $newSesID); if (remote_addr() eq $remoteAddr) { $xMatched = 1; # We matched the User's IP Addr... # Split up the SecID Stream... return if ($remoteSessionID eq "FCCJ"); # Obviously the PrjSec FLAG Changed... my($removeRemoteSecID) = substr($remoteSessionID, (rindex($remoteSessionID,"FCCJ"))); my($getRemoteLife) = substr($remoteSessionID, (rindex($remoteSessionID, "FCCJ") + length("FCCJ".$yday))); my($getRemoteSecID) = substr($remoteSessionID, 0, (length($remoteSessionID) - length($removeRemoteSecID))); # verify UserSecID... my($usrExists) = ''; my($usrFile) = $Users . "/user.dat"; # First make sure User ID does already exist! open (vsIDhandle, $usrFile) or &ioError("vsID \(2\) File Read"); while ($usrExists = ) { chomp($usrExists); # Get rid of CR at end-of-line... ($encryptBIT, $profsID, $realFN, $realLN, $prjSec, $prjComment) = split(/\|/, $usrExists); last if ($getRemoteSecID eq $encryptBIT); } close (vsIDhandle); if ($getRemoteSecID ne $encryptBIT) { $ercType = "FATAL:"; $buffer = "Security Violation Detected... " . remote_addr(); $ercCode = "

Invalid Project User ID -- Do not try to break-in!

"; $fccjPointer->delete('flipBit'); &errorReturned($ercType, $buffer, $ercCode); } elsif (((($hour * 60 * 60) + ($min * 60) + $sec) - $getRemoteLife) > $keepAlive) { $ercType = "Error:"; $buffer = "

Session Idle Too Long; You Must Log-in Again... " . remote_addr(); $ercCode = "

NOTICE: Click Here to Log Back In "; $fccjPointer->delete('flipBit'); &errorReturned($ercType, $buffer, $ercCode); } else { if (defined($prjSec) && (index($displayOnly, $prjSec) > -1)) { # Who does not have access? $flipBit = "FCCJ"; return($flipBit); # Turn off security checking and return what was found... } $level = $prjSec; # Otherwise, return the Security Level... # OK, update the Session ID Bit; # if there is a dup, previous Session is destroyed... # Session ID Bits are unique based up IP Addr and User PROFS ID... $xMatched = 1; # We matched; we want the Session ID to renew... my($lifeSpan) = ($hour * 60 * 60) + ($min * 60) + $sec; $flipBit = $getRemoteSecID."FCCJ".$yday.$lifeSpan; # Set the M/F ID Bit with the HH:MM:SS + (Julian Date)... $newSesID = remote_addr() . ".FCCJ." . $profsID; open (xHandle, "+>$newSesID") or &ioError("vsID \(2\) File Create"); # Create a NEW file, over-writing the OLD one... print xHandle (remote_addr() . "\|$profsID\|$flipBit\n"); close (xHandle); return; } } # End of IF } # End of WHILE last if $xMatched; } # End of FOR } # End of ELSIF if (!$xMatched) { $ercType = "FATAL:"; $buffer = "

Security Violation Detected... " . remote_addr(); $ercCode = "

Do not try to break-in!  Program Stopped...

"; &errorReturned($ercType, $buffer, $ercCode); } }