I am trying to implement a simple login dialog for my application, and am having trouble making it work.

Below is a small piece of code that illustrates my problem: 

#!C:/Perl/bin/perl
use strict;
use warnings;

use CGI::Carp qw( fatalsToBrowser );
use CGI;
use CGI::Session;

run();

sub run {
    my $cgi = new CGI();
    my $action = $cgi->param('do');
    
    #
    # Create a session object
    #
    my $session = undef;
    if ($action eq 'login') {
        # Create a brand new session, by passing an undef cgi argument
+ to CGI::Session.
        $session = new CGI::Session("driver:File", undef, {Directory=>
+"/"});
    } elsif ($action eq 'stay_logged') {
        # Keep the existing session, by passing the CGI object to CGI:
+:Session.
        $session = new CGI::Session("driver:File", $cgi, {Directory=>"
+/"});
    } else {
        die "Invalid action '$action'\n";
    }

    #
    # Send the CGISESSID cookie to the browser
    #
    my $cookie = undef;
    my $session_id = undef;
    if ($session) {
        $session_id = $session->id();
        $cookie = $cgi->cookie(CGISESSID => $session_id);        
        print $cgi->header(-cookie=>$cookie);
    }    

    print $cgi->start_html('Fooling around with session login/logout')
+;

    print "<h3>\$action='$action'</h3>\n";

    print "<pre>\$session_id=$session_id\n</pre>\n\n";    
    print "<pre>\$cookie=$cookie\n\n</pre>\n";
    
    my $random_id = rand();
    print "<ul>\n";
    print "   <li><a href=\"try_logon.cgi?do=login&rand=$random_id\">l
+ogin</a></li>\n";
    print "   <li><a href=\"try_logon.cgi?do=stay_logged&rand=$random_
+id\">stay logged</a></li>\n";
    print "</ul>\n";
    
    
    print $cgi->end_html;
}

[download]

This script displays a 'login' and a 'stay logged' links. The 'login' link is supposed to create a brand new session (line 21), by invoking new CGI::Session::new() and passing it an undefined value for the CGI argument. The 'stay logged' link is supposed to create a session using the current session ID (line 24), by passing an actual CGI instance as the second argument of CGI::Session::new().

But it doesn't work!

If I click multiple times on the 'login' dialog, I see the same session id being used over and over again. Same goes for the 'stay logged' link, but that one is to be expected.

Note that I am running under mod_cgi (NOT mod_perl), and that it can't be a cache issue, because the URL of each of the invocations of the script is different (because I add a different random cgi argument to it everytime).

What am I doing wrong? Thx.

In reply to CGI::Session keeps re-using same session ID by alain_desilets

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.