I am using CGI::Application in which my cgiapp_prerun() is as follows:
sub cgiapp_prerun
{
my $self = shift;
my $q = $self->query();
# Open existing session from cookie id, or open new session
my $session = new CGI::Session(undef, $q, {Directory=>'/tmp'});
# Delete session if user requested logout
if ($q->param('rm') eq 'logout')
{
$session->delete();
# Start new session
$session = new CGI::Session(undef, undef, {Directory=>'/tmp'});
# Set session as logged out
$session->param(-name=> 'logged_in', -value => 0);
# Change run mode to default run mode
$self->prerun_mode('default');
}
$session->expire('+1h');
my $cookie = $q->cookie(CGISESSID => $session->id);
# Send cookie in header
$self->header_props(-cookie => $cookie);
# Make session params available to other subs & modules
$self->param(session => $session);
}
A separate validation run mode, which is used to validate both registrations and logins, sets the session parameter 'logged_in' to true if registration or logon was successful.
Pretty simple and it works. I haven't checked out Apache::Session yet so I don't konw which one would be best to use.
UPDATE:
I've just came across this node which recommends using CGIS::Application because it's CGI::Session enabled CGI::Application. Though I haven't looked at it yet so can't give any opinion on which one would be best.
HTH,
Anne
In reply to Re: Re: Re: Regarding User Sessions
by Anneq
in thread Regarding User Sessions
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |