Re^4: Sessions Questions

Hi: I'd love to have you explain what you think is in %query It is used all over and contains the parameters (pairs) of the request. "Sets expiration date relative to atime(). so Now() + (86400*7) was real huge considering now is something close to 1488409938." Indeed. Tried with Now() + 7d and it did not work. There is a skunk in the woodpile somewhere. Please bear with me, I have not "really" revisited this code for 12-13 years.


#---------------------------------------------------------------------
+----------
# Log File Functions
#---------------------------------------------------------------------
+----------
# FUNCTION: AccessInOutLog($username, $forename, $lastname, $timein,$i
+paddress,$timeout);
# DESCRIPTION: Enters user information in log file
#---------------------------------------------------------------------
+----------
sub AccessInOutLog {
     use Time::localtime;
     my $username = $session->param('username');
     my $forename = $session->param('forename');
     my $lastname = $session->param('lastname');
     my $timein = $session->param('timein');
     #my $ipaddress = $session->remote_addr();
     my $timeout = $session->param('timeout');

     warn("AccessInOutLog line 688: $username  $forename  $lastname $t
+imein $ipaddress $timeout");

#---------------------------------------------------------------------
+----------
#    Format the log in time
     my $tm = localtime($timein);
     my $intimestamp =  sprintf("Log In: %4d-%02d-%02d %02d:%02d:%02d"
+,$tm->year + 1900,$tm->mon + 1,$tm->mday,$tm->hour,$tm->min,$tm->sec)
+;
     warn "$timein,$intimestamp";
#---------------------------------------------------------------------
+----------
#    Format the log out time
     $tm = localtime($timeout);
     my $outimestamp =  sprintf("Log Out: %4d-%02d-%02d %02d:%02d:%02d
+",$tm->year + 1900,$tm->mon + 1,$tm->mday,$tm->hour,$tm->min,$tm->sec
+);
     warn "$timeout,$outimestamp";
#---------------------------------------------------------------------
+----------
#    Open the log file and append the entries
     open(ACCESSLOG, "+>>$admin_log_file") or LogErrorMessage("Unable 
+to open log file $admin_log_file\n");
     print ACCESSLOG $intimestamp . " " . $outimestamp . "  Username =
+ " . $username . "  Name = " . $forename . " " . $lastname . "  IP Ad
+dress = " . $ipaddress . "\n";
     close(ACCESSLOG);
}
[download]

Example from log: Log In: 2017-02-26 11:32:16 Log Out: 1969-12-31 18:00:00 Username = admin Name = Admin Access IP Address = 72.168.129.123 Log In: 2017-02-26 15:55:14 Log Out: 1969-12-31 18:00:00 Username = admin Name = Admin Access IP Address = 72.168.129.123 Log In: 2017-02-26 18:06:59 Log Out: 1969-12-31 18:00:00 Username = admin Name = Admin Access IP Address = 72.168.129.123 Log In: 2017-02-26 18:10:31 Log Out: 1969-12-31 18:00:00 Username = admin Name = Admin Access IP Address = 72.168.129.123 Log In: 2017-02-26 19:08:26 Log Out: 1969-12-31 18:00:00 Username = admin Name = Admin Access IP Address = 72.168.129.123 Log In: 2017-02-27 23:47:36 Log Out: 1969-12-31 18:00:00 Username = admin Name = Admin Access IP Address = 72.168.129.123

Comment on Re^4: Sessions Questions Download Code

Replies are listed 'Best First'.
Re^5: Sessions Questions by huck (Prior) on Mar 02, 2017 at 16:03 UTC
It is used all over and contains the parameters (pairs) of the request. No it isnt/doesnt, $query seems to have a cgi object in it, but %query (a whole nother thing) if dumped would look like `{ $dsn =>$sql_username, $sql_password =>$sql_user_table, $sql_session_table =>$passhash, $sessionhash =>$uvId, $username =>$ipaddress }` [download] $query->param(...) is not the same as $query{admin} (which at times contains '72.168.129.123'). Those wern't the error.log lines of interest, the ones from this were `warn ("****LOGIN ATTEMPT USER INFORMATION Uid: $uid username: $us +ername password: $password ipaddress: $ipaddress");` [download] I understand old code too, been looking over the stuff i wrote back in '96, full of &subroutine calls, var=... statements, raw socket setups, and require 'cgi-lib.pl' statements. But i cant find the dos bigperl code, it may only exist on floppys now You need to step back and look at what is really going on, not what you think is going on. you are using global variables that you dont know where they are being set, ie `#my $ipaddress = $session->remote_addr(); warn("AccessInOutLog line 688: $username $forename $lastname $t +imein $ipaddress $timeout");` [download] I showed $session->expires() still works just fine, if you are not getting what you want by it you need to find out everywhere you change it and figure out which one is the last one to change it. And warn(...) to the error.log is not the way to debug. You have stuff in there that shouldnt be there. Those logs could be archived for years and years.	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re^5: Sessions Questions
by huck (Prior) on Mar 02, 2017 at 16:03 UTC

It is used all over and contains the parameters (pairs) of the request. No it isnt/doesnt, $query seems to have a cgi object in it, but %query (a whole nother thing) if dumped would look like

{
$dsn               =>$sql_username,
$sql_password      =>$sql_user_table,
$sql_session_table =>$passhash,
$sessionhash       =>$uvId,
$username          =>$ipaddress
}
[download]

Those wern't the error.log lines of interest, the ones from this were

warn ("*****LOGIN ATTEMPT USER INFORMATION Uid: $uid username: $us
+ername  password: $password ipaddress: $ipaddress");
[download]

I understand old code too, been looking over the stuff i wrote back in '96, full of &subroutine calls, *var=... statements, raw socket setups, and require 'cgi-lib.pl' statements. But i cant find the dos bigperl code, it may only exist on floppys now

You need to step back and look at what is really going on, not what you think is going on. you are using global variables that you dont know where they are being set, ie

     #my $ipaddress = $session->remote_addr();
     warn("AccessInOutLog line 688: $username  $forename  $lastname $t
+imein $ipaddress $timeout");
[download]

And warn(...) to the error.log is not the way to debug. You have stuff in there that shouldnt be there. Those logs could be archived for years and years.

[reply]
[d/l]
[select]