http://qs1969.pair.com?node_id=1108328

bigup401 has asked for the wisdom of the Perl Monks concerning the following question:

i have this in my home.pl

$id = $session->id(); $session->param('logged_in', $username); $session->expire('+10m'); print "Location: welcome.pl?sid=$id\n\n";

i have this in my welcome.pl

$sid = $cgi->param('sid'); $session = CGI::Session->load($sid); if($session->is_expired) { print $cgi->redirect("home.pl"); print $cgi->header(); } elsif($session->is_empty) { print $cgi->redirect("home.pl"); print $cgi->header(); }

both home.pl and welcome.pl works very well but when i try to place same welcome.pl session code to other page inside welcome.pl, it just redirects me to login, it doesn't read session sid like welcome.pl. eg like if i place welcome.pl session code to myaccount.pl when i click to myaccount.pl, it just redirects me to login and the session is still valid not expired

Replies are listed 'Best First'.
Re: session problem
by Corion (Patriarch) on Nov 25, 2014 at 10:39 UTC

    So, what does $cgi->param('sid') return in myaccount.pl?

    Have you tried debugging what your scripts think what is in the session? Most likely some value in your input data is not what you think it should be. As you already have a working example in welcome.pl and an example that does not wwork in myaccount.pl, it should be easy to find out what myaccount.pl does differently from welcome.pl. Maybe the input to myaccount.pl is different from the input to welcome.pl.

    You could also consider storing the session information in a cookie instead of passing the session around as an URL parameter. Most of the common "easy" frameworks like Mojolicious and Dancer already do that for you. With them, you also don't need to split up your application into separate programs for each different page.

    Also note that in HTTP, a redirect should always be an absolute URL, not a relative URL. So you should better use Location: http://example.com/hello.pl instead of Location: hello.pl.

      the thing is this, no problem with welcome.pl and home.pl.

      home.pl has set the session, so welcome returns a string a983c8302e7a678a2e53c65e8bd3316 its a generated sid from

      home.pl to welcome.pl and welcome.pl looks like this

      welcome.pl?sid=a983c8302e7a678a2e53c65e8bd3316, so that shows session has been set and generated session sid,

      so i want to retrieve same generated session sid to other pages

        So you've established that hello.pl and welcome.pl work as you think they should.

        Have you done the same for myaccount.pl?

        As myaccount.pl and welcome.pl seem to work differently, there must be some difference in what the scripts receive and/or in what they send back.

        Have you tried copying the content of welcome.pl over myaccount.pl to see whether the difference is still there?

        How do you pass the session id from (say) welcome.pl to myaccount.pl?

Re: session problem
by Eily (Monsignor) on Nov 25, 2014 at 10:40 UTC

    You may want to start with CGI::Session::Tutorial, for exemple you could let CGI::Session handle session IDs by itself (even in the parameter list). And maybe letting CGI::Session handle the whole thing through cookies would just work for you.

    How do you "click" on myaccount.pl ? There's not link in the code you provided. And do you know what triggers the redirection, either an empty or an expired session?

    All we see with your code here, is that you try to redirect from home.pl to welcome.pl (why just print the HTTP Location header field yourself when you could use CGI::redirect like in welcome.pl BTW?), and from welcome.pl to home.pl, that's neither helpful nor clear :). And your issue probably doesn't come from that bit of code.