RE: [cgiapp] logging in with CGI::Session and CGI::Application

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cgiapp] logging in with CGI::Session and CGI::Application

Subject: RE: [cgiapp] logging in with CGI::Session and CGI::Application
Date: Tue, 17 Dec 2002 21:40:44 +0800
From: "Franki" <suppressed>

right you are....

I am already using CGI::Session

Thats what this is:
my ($user_id, $session) = get_ID($form_parameters);

Here is the sub in question:
 sub get_ID
 {
     my $form_parameters = shift;
     my $user_id =  $form_parameters->param('ID') || undef;
     my $session = new CGI::Session(undef, $user_id, {Directory=>'D:/tmp',
expire=>'+15m'});
     unless ($user_id)
     {
     $user_id = $session->id();
     }
     return ($user_id, $session);
}

it checks to see if there is a CGI::Session associated with the $user_id..
and it also checks if an ID was passed via form parameters..

I put it in a sub, because I call it at each invocation of the script..

All the links in the application contain the ID... and I have called
CGI::Session with the ipcheck enabled..

Thanks for your input though..

One thing though.. sort OT.. have I got the expiry set correctly above?
expire=>'+15m'  I am not sure its working correctly.

I had never used CGI::Session before either..

regards

Frank

-----Original Message-----
From: William McKee [mailto:suppressed
Sent: Tuesday, 17 December 2002 9:23 PM
To: Franki
Cc: suppressed
Subject: RE: [cgiapp] logging in with CGI::Session and CGI::Application

On 17 Dec 2002 at 0:28, Franki wrote:
> Please let me know if you see any holes in it..

Hi Franki,

The code you submitted looks workable. Unless you're doing some behind-the-
scenes work to maintain state, the 'logged_in' session parameter that you
set is not kept between invocations of the script. Thus the ($session-
>param("logged_in")) check is pointless.

For maintaining state, you could pass in hidden parameters or use a module
such as CGI::Session or Apache::Session for state maintenance needs. Check
the list archives for more details.

William

--
 Lead Developer
 Knowmad Services Inc. || Internet Applications & Database Integration
 http://www.knowmad.com

---------------------------------------------------------------------
Web Archive:  http://www.mail-archive.com/suppressed/
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed

Follow-Ups:
- RE: [cgiapp] logging in with CGI::Session and CGI::Application
  - From: William McKee

References:
- RE: [cgiapp] logging in with CGI::Session and CGI::Application
  - From: William McKee

Prev by Date: RE: [cgiapp] logging in with CGI::Session and CGI::Application
Next by Date: RE: [cgiapp] logging in with CGI::Session and CGI::Application
Previous by thread: RE: [cgiapp] logging in with CGI::Session and CGI::Application
Next by thread: RE: [cgiapp] logging in with CGI::Session and CGI::Application
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.