Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re: cookie problem

by fishmonger (Chaplain)
on Nov 12, 2014 at 15:33 UTC ( [id://1106985]=note: print w/replies, xml ) Need Help??


in reply to cookie problem

Here's an example taken from one of my working apps that uses CG::Session, which I feel is a cleaner and better way to handle the cookie/session data. I had to strip out a few things for privacy reasons, but all of the key elements are there.

The login page

#!/usr/bin/perl

use warnings;
use strict;
use DBI;
use CGI;
use CGI::Session;
use HTML::Template;
use Crypt::PasswdMD5;

my $title     = 'Email Administration Login';
my $cgi       = CGI->new;
my $self      = $cgi->url;
my %login     = $cgi->Vars;
my $session   = CGI::Session->new or die CGI::Session->errstr;
my $template  = HTML::Template->new(
                      filename          => '../../html/emadmin/login.t
+mpl',
                      associate         => [$session],
                      die_on_bad_params => 0,
                      global_vars       => 1,
                      cache             => 0,
                );

$session->clear if $cgi->param('logout');
$session->param('hostname', `hostname`);

if ( $cgi->param('Login') ) {
   my $home = 'http://emailadmin.company.com/admin/search.pl';
   print $cgi->redirect($home) if authenticated_user(\%login);
}

print $session->header;
print $template->output;

######################################################################
+##########


sub authenticated_user {
    
    my $login = shift;

    $session->param('login_failed',
                    'Invalid username, or password...Please try again'
+);

    if ( defined $login->{'username'} && defined $login->{'password'} 
+) {

        my ($encrypted_pass, $roll, $name) = query_DB($login->{'userna
+me'});

        if ( $encrypted_pass ) {

            my $salt = substr($encrypted_pass, 3,8);
            my $password = unix_md5_crypt( $login->{'password'}, $salt
+ );

            if ( $password eq $encrypted_pass ) {

                $session->clear('login_failed');
                $session->param('logged_in', 1);
                $template->param('logged_in', 1);
                $session->param('admin', $login->{'username'});
                $session->param('roll', $roll);
                $session->param('gic', 1) if $roll eq 'admin';
                return 1;
            }
        }
   }
   return 0;
}

[download]

The page/script it redirects to on successful login

#!/usr/bin/perl

use warnings;
use strict;
use DBI;
use CGI;
use CGI::Session;
use HTML::Template;

my $cgi     = CGI->new;
my %form    = $cgi->Vars;
my $session = CGI::Session->load;

if ($session->is_empty or $session->is_expired or !$session->param('lo
+gged_in')) {
    my $login_page = 'http://emailadmin.company.com';
    print $cgi->redirect($login_page);
}

print $cgi->header;

my $template = HTML::Template->new(filename => '../../html/emadmin/sea
+rch.tmpl',
                                   associate => [$session],
                                   global_vars => 1);

$template->param(title => 'Email Administration - Search Page');
$template->param(gic => 1) if $session->param('roll') eq 'admin';


if ( exists $form{'locate'} ) {
    my @search_results = search_abook($form{searchfield}, $form{search
+value});

    if ( @search_results ) {
        $template->param(found =>  scalar @search_results);
        $template->param(results => \@search_results);
    }
    else {
        $template->param(not_found => 'Unable to locate any users matc
+hing your query');
    }
}

print $template->output;

[download]

Replies are listed 'Best First'.
Re^2: cookie problem
by Anonymous Monk on Nov 12, 2014 at 16:31 UTC
    yes cgi::session works for me well and is very nice and easy and faster bt i have tried cookies and failed 1 time so i want to understand where is the problem i really dont understand why cookie doesn;t work, i have seen a lot of post reporting problems on cookie, perl cookie is so complicated,
[reply]
      #!perl
# home.pl
use strict;
use CGI;

my $q = new CGI;
print $q->header(),$q->start_html,
$q->start_form(-method=>"post",-action=>"wel.pl"),
$q->b("ID : "),
$q->textfield(-name=>"id", -value=>$q->cookie('id')),
$q->submit(),$q->end_form,$q->end_html; 


#!perl
# wel.pl
use strict;
use CGI;

my $q = new CGI;
my $id = $q->param('id');
my $cookie = $q->cookie(
   -name => 'id',
   -value => $id,
   -expires => '+2m',
   -path => '/');

if ( ! $id ){
  print $q->redirect(-uri=>"home.pl", -cookie=>$cookie);
} else {
  print $q->header(-cookie=>$cookie);
  print $q->start_html,
$q->a({-href=>'home.pl'},'home'),
$q->p("Hello $id"),$q->end_html; 
}

      [download]
      poj
[reply]
[d/l]

        There are 2 things to be aware of when using print $q->redirect(-uri=>"home.pl", -cookie=>$cookie); as pointed out in the CGI documentation under Generating_a_redirection_header.

        1) You should always use full URLs (including the http: or ftp: part) in redirection requests. Relative URLs will not work correctly.
        2) All names arguments recognized by header() are also recognized by redirect(). However, most HTTP headers, including those generated by -cookie and -target, are ignored by the browser.

        I take from those 2 comments that the results could be unpredictable.

[reply]
[d/l]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://1106985]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others scrutinizing the Monastery: (2)
As of 2024-04-20 05:58 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found