wip before timeout

diff --git a/cgi-auth-hybrid.pm b/cgi-auth-hybrid.pm
index c5a6b37ac6244934ef834709aaebfa4c3df4174a..a5630428b13d3551cab3b0ba2ad39432829f3dac 100644 (file)
--- a/cgi-auth-hybrid.pm
+++ b/cgi-auth-hybrid.pm
@@ -29,8 +29,11 @@ sub new {
            param_name => 'cah_associd',
            cookie_name => 'cah_associd', # make undef to disable cookie
            cgi => undef,
            param_name => 'cah_associd',
            cookie_name => 'cah_associd', # make undef to disable cookie
            cgi => undef,

-           param_get => sub { $s->_c()->param($s->{S}{param_name}) },
-           cookie_get => sub { $s->_c()->cookie($s->{S}{cookie_name}) : '' },
+           get_param => sub { $s->_c()->param($s->{S}{param_name}) },
+           get_cookie => sub { $s->{S}{cookie_name}
+                               ? $s->_c()->cookie($s->{S}{cookie_name})
+                               : '' },
+           get_method => sub { $s->_c()->request_method() },

        },
        D => undef,
     };
        },
        D => undef,
     };


@@ -94,6 +97,10 @@ sub record_login ($$) {
 }
 
 sub check () {
 }
 
 sub check () {

-    my $passocid = $s->{S}{param_get}();
-    my $cassocid = $s->{S}{cookie_get}();
-    if (
+    my $qassocid = $s->{S}{param_get}();
+    if (!defined $qassocid) {
+       $qassocid = $s->{S}{cookie_get}();
+       return 0 unless defined $qassocid;
+       return 0 unless $s->{S}{get_method}() eq 'GET';
+    }
+