I close the browser, I don't logout, I just close the browser.$session->param('mid' => $id_from_db); $session->param('member_type' => $member_type_id_from_db); $session->param("~logged-in", 1); $session->expires("~logged-in", "+120m"); # expires ~logged-in flag in + 30 mins
In my application class which inherits from the baseclass I check if the user is logged in or notsub cgiapp_init { # application object my $self = shift; # init session $self->init_session("sid"); } sub init_session { # application object my $self = shift; my $name = shift; # change name from CGISESSID to shorter sid CGI::Session->name($name); # init session object using CGI::Application::Plugin::Session my $session = $self->session; # send session to header $session->header(); }
sub cgiapp_prerun { # application object my $self = shift; # check member access and redirect accordingly $self->accessControll; } sub accessControll { # application object my $self = shift; # get cgi query object my $q = $self->query(); my %post = $q->Vars; # get session object my $session = $self->session; # if login is not old if($self->init() ne 2){ # Redirect to startpage if login if ($session->param("~logged-in")) { $self->prerun_mode($config->{login_successRM}); } } # after the third login attempt, redirect if ( $session->param("~login-trials") >= 3 ) { # change password for username # UPDATE password in USERNAME table $self->redirect_output_now('login_error'); } # Redirect to startpage if logout if( $self->get_current_runmode() eq "logout"){ $self->logout(); $self->prerun_mode('logout'); } } # # $post{lg_name} and $post{lg_password} are sent from my login form # sub init { # application object my $self = shift; # get cgi query object my $q = $self->query(); my %post = $q->Vars; # get session object my $session = $self->session; # database handle my $dbh = $self->param('dbh'); if ( $session->param("~logged-in") ) { return 2; # if logged in, don't bother going further } my $lg_name = $post{lg_name} or return; my $lg_psswd = $post{lg_password} or return; # if we came this far, user did submit the login form # so let's try to load his/her profile if name/psswds match my @sql_bind = ($lg_name, $lg_psswd, 1); my $sql_statement = qq/ SELECT ID, MEMBER_TYPE_ID, UNAME, PWORD FROM MEMBER WHERE UNAME=? AND PWORD=? AND ACTIVE=? /; my (@loop_data) = $self->fetchLoopData($dbh, $sql_statement, @sql_bin +d); if(@loop_data>0){ # login information $session->param('mid' => $loop_data[0]{ID}); $session->param('member_type' => $loop_data[0]{MEMBER_TYPE_ID}); $session->param("~logged-in", 1); $session->expires("~logged-in", "+120m"); # expires ~logged-in flag +in 30 mins $session->clear(["~login-trials"]); return 1; } $session->param('info' => 'returnera 3'); # if we came this far, the login/psswds do not match # the entries in the database my $trials = $session->param("~login-trials") || 0; return $session->param("~login-trials", ++$trials); }
In reply to always logged in with CGI::Session by boboson
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |