Dazz45X has asked for the wisdom of the Perl Monks concerning the following question:

Hello Perlmonks I have been incorporating a login system into my site, the scripts for the site are perhaps stretching back 15 years and include old code and new so some of it is cobbled together but it works. I have a login script that generates and sets a cookie and includes username, password and login value it also validates the user with the site database so if the user enters the correct data they will get the cookie, if not no cigar. This works correctly and places the cookie on the users machine and my server. The main script controls the rest of the site. My problem is this. I am using the following code at the start of the script

 %cookies = CGI::Cookie->fetch;
        $sessionid = $cookies{'CGISESSID'}->value;
     $session = CGI::Session->load(undef, $sessionid, {Directory=>''})
+ or die CGI:Session->errstr();
    $login  = $session->param('login');
    $logswitch = ($login);

[download]

$logswitch is the variable to switch the username and password entry screens on and off (i.e. 1 and 0) With the above code when the user is logged in all works correctly, when the user is not logged in (ie no cookie) I get a 'Can't call method "value" on an undefined value' error. To negate this I have tried this code

    if (exists $cookies{name}) {
     %cookies = CGI::Cookie->fetch;
        $sessionid = $cookies{'CGISESSID'}->value;
      $session = CGI::Session->load(undef, $sessionid, {Directory=>''}
+) or die CGI::Session->errstr();
    $login  = $session->param('login');
    $logswitch = ($login);
}

[download]

This works well for a user with no cookie but if the user logs in, the value of $logswitch remains undef and so fails to trigger the click through screens. Any help would be appreciated as I have been on this for days now, I think I've read everything on CPAN and I use strict, warnings, diagnostics and anything else I can lay my hands on in all of my scripts. I may just be brain frazzled at the moment so apologies if it's obvious, just can't see it myself. Thank you in advance Dazz

Replies are listed 'Best First'.
Re: Fetching cookies without errors?
by Corion (Patriarch) on Aug 23, 2017 at 12:36 UTC

    If you want to fetch the value of $cookies{'CGISESSID'}, why do you check whether $cookies{'name'} exists?

    Maybe all you need to do is to check whether $cookies{'CGISESSID'} exists?

[reply]
[d/l]
[select]
      Thank you for your reply Corion but it doesn't seem to matter that much the problem is with the ->value. If a cookie doesn't exist it flags a 'Can't call method "value" on an undefined value at line #' because it's trying to read a value from a cookie that doesn't exist? I was using the if (exists $cookies line to lose the error but when a cookie does exist the if line seems to stamp on the data leaving it undef?
[reply]
        if (exists $cookies line to lose the error but when a cookie does exist the if line seems to stamp on the data leaving it undef?

        That will be because in your sample code you overwrite the %cookies hash immediately on the next line. Don't do that if the hash already exists (it's pointless).

[reply]
[d/l]
Re: Fetching cookies without errors?
by poj (Abbot) on Aug 23, 2017 at 15:21 UTC
[reply]
      Read it, re-read it and slept on it but just can't see it in my situation. Like I said this is the first time I've picked it up in years and it's fried my brain. Thanks
[reply]

        Here is some simple code to do what you are suggesting. On note is i use a custom cookie name TSSID. 

        #!/usr/bin/perl
use strict; use warnings; 
select STDOUT; $| = 1;



  my $session_dir='/home/huck/monks-sessions';  # must exist and be wr
+iteable by www userid 
  my $expires='+1m'; # '+7d' '+1h' ; 

  my $cookieexpires=$expires; 

#  use dbi::ezdbiutil        qw/ezdbi_gethash/; 

  use CGI;

  use CGI::Session;
  use CGI::Cookie;

  my $style='disk'; 
#  $style='mysql'; 


  my $session; 
  my $notloggedin=''; 
  my $cookies; 

  my %passwords=(admin=>'admin',huck=>'huck'); 
  my $cgi = CGI->new;

  my $tssid  = $cgi->cookie('TSSID');
  my $timelast; 

  my $sessiona1; my $sessiona3; 

  if ($style eq 'mysql'){ 
      eval 'use cheap::mysqls         qw/sql_connect/; '; 
      my ($dbh,$rc) = sql_connect(dbi=>'mysql',id=>'monks');
      die "Cannot connect: $DBI::errstr" unless ($dbh);
      $sessiona1="driver:MySQL"; $sessiona3={ Handle => $dbh }; 
      } 
  else { $sessiona1=undef; $sessiona3={Directory=>$session_dir}; } 


#  my $session = CGI::Session->load("driver:MySQL", $query, { Handle =
+> $dbh }); 



  unless ($tssid){ 
      my $userid  =$cgi->param('userid');
      my $password=$cgi->param('password');
      $userid=''   unless ($userid); 
      $password='' unless ($password); 
      unless ( $userid)                             {$notloggedin='Ple
+ase Login';}  
      elsif  (! $passwords{$userid})                {$notloggedin='Bad
+ Userid';}  
      elsif  ($password  ne $passwords{$userid})    {$notloggedin='Bad
+ Password';}  
      else { 
          $session = CGI::Session->new($sessiona1, undef,$sessiona3);
          $cookies = [CGI::Cookie->new(-name    =>  'TSSID',
                                        -value   =>  $session->id, 
                                        -expires =>  $cookieexpires
                                       )];
          $session->expires($expires);
          $session->param('user_id',$userid);
          $session->param('timein'  , time);
          $session->param('timelast', time);
          $timelast=time; 
          $session->flush(); 
          } # ok  
      } # no tssid 
  else { 
      $session = CGI::Session->load($sessiona1, $tssid, $sessiona3);
      if ( $session->is_expired )    { 
          $notloggedin='login expired ' ; 
          $session->delete(); 
          $session->flush();
          } 
      elsif ( $session->is_empty )   { $notloggedin='login not found';
+} 
      else { 
          $cookies = [CGI::Cookie->new(-name    =>  'TSSID',
                                        -value   =>  $session->id, 
                                        -expires =>  $cookieexpires
                                       )];
          $timelast=$session->param('timelast'); 
          $session->param('timelast', time);
          $session->flush(); 
          } 
      } 

  if ($notloggedin){ 
      $cookies = [$cgi->cookie(TSSID => '')];
      print $cgi->header(-cookie=>$cookies); 

      print '<html><head><title>Must login</title></head><body>'."\n";
+ 
      print '<h1>Must login</h1>'."\n"; 
      print '<h3>'.$notloggedin.'</h3>'."\n"; 

      print '<form method="POST">'."\n"; 
      print 'Userid:<input type="text" name="userid">'."\n"; 
      print ' Password:<input type="text" name="password">'."\n"; 
      print '<input type="submit" value="Login">'."\n"; 
      print '</form>'."\n"; 
      } 
  else { 
      if ($cookies) {print $cgi->header(-cookie=>$cookies); } 
      else { print $cgi->header(); } 
      print '#html content after seccessfully login'; 
      print '<br>hi '.$session->param('user_id');
      print ' loggedin for '.(time-$session->param('timein')).' second
+s';
      print ' last seen '.(time-$timelast).' seconds ago';
      } 
  print '</body></html>'; 
  CGI::Session->find($sessiona1 ,sub {} ,$sessiona3); # clean expired 
+sessions

        [download]

[reply]
[d/l]

Back to Seekers of Perl Wisdom