Making CGI::Session Permanent

oghran has asked for the wisdom of the Perl Monks concerning the following question:

Following some discussions on Perl Monks I decided to start using CGI::Session for my shopping cart software. It basically just stores the unique session key on the users browser, matching up with a list of cart items in a table on the server.

This works perfectly fine except for one small thing, and that is if a user closes their browser the session is lost and the cart immediately becomes empty. This of course leaves the previous items hanging around in the database which is not ideal.

What I'd really like to know is if there is someway that you can make CGI::Session persist between browser sessions ? I don't think it should be that hard and I'm sure there is some kind of attribute to use, but I haven't yet discovered.

Thanks for any assistance.

Comment on Making CGI::Session Permanent

Replies are listed 'Best First'.
Re: Making CGI::Session Permanent by matthewb (Curate) on Dec 05, 2003 at 10:49 UTC
Cookies expire at the end of the browser session by default. Use the `expires` method to set the timespan you desire. MB	[reply] [d/l]
Re: Making CGI::Session Permanent by EvdB (Deacon) on Dec 05, 2003 at 11:12 UTC
As mentioned use the expires setting of the cookie. Be sure though to add a timestamp to the basket table in the database so that after a year say you can empty out the dead items. It would also be wise to check that the cookie is updated now and then so that it does not expire unexpectedly. Set the expire time to less than the db lifetime and you will be fine - as long as you update both the database and the cookie at the same time. --`tidiness is the memory loss of environmental mnemonics`	[reply] [d/l]
Re: Re: Making CGI::Session Permanent by oghran (Initiate) on Dec 10, 2003 at 11:14 UTC
When you say cookie do you mean the session ? I've actually just tried setting the session expiry to 30 days from now using: `$session->expire('+30d');` [download] This doesn't seem to have worked though and as soon as I close the browser, the cart is empty once again. Is there someway to set the expiry of the cookie specifically within CGI::Session other than $session->expire() ?	[reply] [d/l]
Re: Re: Re: Making CGI::Session Permanent by oghran (Initiate) on Dec 10, 2003 at 13:08 UTC
Okay, nevermind. I've actually looked back at my code and realised I'm saving the session id as a cookie with CGI::Cookie. Ive set the expiry of that for 30 days and its working perfectly. Sometimes it pays to read your own code before posting. Thanks :)	[reply]
Re: Making CGI::Session Permanent by pg (Canon) on Dec 05, 2003 at 12:20 UTC
I believe that you have considered this already, but there is no harm to mention that, the existance of this cockie in a PC should not automatically log the user in. The user still should go through the normal authentication procedure, otherwise this opens up a security hole.	[reply]