Ok, do you remember the code i said you should try in Re^3: Sessions Questions? Still works just fine, i refreshed it It may have confused you because rather than the name of CGISESSID that CGI::Session uses my cookie was instead named TSSID. To get the current cookie i used my $tssid = $q->cookie('TSSID');. while my %cookies = CGI::Cookie->fetch; $sid = $cookies{$sessionname}->value; is another valid way to do it, it will only work if $sessionname='CGISESSID';, you say that is true, but have you proved it?
Lets review the code you have exposed so far here.
Do you see $sessionname getting set? to anything? Well there is a commented out statement. You have a habit of using "global-lexical" variables, (if i just said global someone would harp "they are not in $MAIN::, so they are lexical", so global-lexical means they are defined with a my but their scope is global). You may not have even set $sessionname or it is not the name of a cookie, which means if ($cookies{$sessionname}) { fails, and you will never see warn("GetUserSessionCookie SID: $sid"); To make sure that $sessioname is set add warn("GetUserSessionCookie sessionname: '$sessionname'"); to the top of GetUserSessionCookie. (note NOT $cookies{$sessionname} like your commented out code uses, just $sessionname)sub GetUserSessionCookie { warn("Entered GetUserSessionCookie"); use CGI qw/:standard/; # fetch existing cookies my %cookies = CGI::Cookie->fetch; warn(%cookies); my $sid; # warn("GetUserSessionCookie sessionname: '$cookies{$sessionname}'" +); if ($cookies{$sessionname}) { $sid = $cookies{$sessionname}->value; warn("GetUserSessionCookie SID: $sid"); } else{ $sid = 0; } return $sid; } sub ProcessLoginRequest { my ($query) = @_; my $status = 0; # $sessionname = 'CGISESSID'; # my %cookies = CGI::Cookie->fetch; # my $sid = $cookies{$sessionname}->value; my $sid = GetUserSessionCookie(); warn("ProcessLoginRequest Query: '$query'"); warn("ProcessLoginRequest SID from cookie: '$sid'"); #Check if it got valid return from fetch cookie if ($sid ne 0){ $status = 1; ... end missing
if $sessionname='CGISESSID'; Why else might if ($cookies{$sessionname}) { fail? that would also happen if the user did not have the CGISESSID cookie set, because it expired or was deleted. In this case you set $sid=0; This is a bad thing to do for if that is the $sid you pass in $session = new CGI::Session("driver:MySQL", $sid, {Handle=>$dbh, LockHandle=>$dbh});. CGI::Session will create a new session there if $sid is undef, but i bet (untested) that if $sid is 0 it considers it a valid sessionid and returns the results of that session(0) if it still exists (unexpired maybe because of a huge expire time of Now()+7*24*60*60 you once may have set), and returns the results of a new session if it doesnt. I dont think you have shown us where you send the cookie back to the browser, i do it by setting $cookie in one of three places, then using print $q->header(-cookie=>$cookie); Note that two of those places set $cookie = $q->cookie(TSSID => $session->id ); (Note that uses the default cookie -expires. http://perldoc.perl.org/CGI.html#HTTP-COOKIES says "If an expiration date isn't specified, the cookie will remain active until the user quits the browser." so everytime they quit the browser there will be no more cookie sent when they start it up again.) For your login scheme to work you have be be setting the cookie somewhere and sending to back to the browser, but if you dont use $cookie = $q->cookie(CGISESSID => $session->id ); you may be sending the wrong cookie value back. In fact if you use $cookie = $q->cookie(CGISESSID => $sid ); and $sid is 0 you are in trouble, in fact reusing that 0 session. This goes to show how valuable use warnings; can be, even if it seems to break EVERYTHING at first.
In reply to Re: Cookie->fetch problem
by huck
in thread Cookie->fetch problem
by tultalk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |