larryp has asked for the wisdom of the Perl Monks concerning the following question:

Greetings Monks,

I'm having trouble with CGI::Session and I can't figure out what's going on. I've tried everything, POD, man pages, google, to no avail. Anyway, I know someone here will be able to point me in the right direction.

I'm using CGI::Session for session tracking. I'm creating the session, populating session parameters, and writing the CGISESSID cookie in a login script. I'm then redirecting to a page generation script. In the page generation script, I'm reading the cookie to get the session ID and then creating a new session based on the stored session id. (I'm also passing the SID of the first session in the query string for troubleshooting.) According to the documentation (tutorial, cookbook, perldoc, etc.) , this should be creating a session object associated with the established session ID instead of creating a new session. The code I'm using is as follows:

    # -----8<-----
    my $cgi = new CGI();
    my $cookieval = $cgi->cookie("CGISESSID");
    my $paramval = $cgi->param("CGISESSID");
    my $sid = $cgi->cookie("CGISESSID") || $cgi->param("CGISESSID");

    my $session = new CGI::Session(undef, $sid, {Directory=>File::Spec
+->tmpdir()});
    my $sid2 = $session->id();
    # -----8<-----

[download]

In this scenario, $cookieval = $paramval = $sid. These all retrieve the same session ID. However, once I create the session variable, I expect $sid2 to be the same as the previous three variables. It is not. Declaring 'my $session...' creates a brand new session object, despite the fact that I'm giving it the SID of the previous session. Once this happens, I can't access any of my previously written session parameters because $session is now associated with the new session object. I'm certain I'm doing something wrong, but I can't gure it out.

My apologies for troubling you with this and many thanks in advance for your assistance.

Thanks again,

Larry

  • Comment on Problem with CGI::Session module -- Getting a new session every time
  • Download Code

Replies are listed 'Best First'.
Re: Problem with CGI::Session module -- Getting a new session every time
by tachyon (Chancellor) on Nov 04, 2004 at 08:41 UTC

    I suspect it may be that you are not actually writing the session file, probably due to File::Spec::tmpdir returning a dir you can't write. CGI::Session fails silently in this case. Try adding END{ warn $session->error } to pick up any errors.

    You are making harder work of it than required. Try something like this with a hard coded tmpdir file. CHECK to see that your session files are getting written there. 

    my $q = CGI->new;

# this will return a session object.
# if the CGISESSID is avialable via cookie or param 
# that is what's used, otherwise it is a new session

my $session = new CGI::Session("driver:File", $q, {Directory=>'/tmp'})
+;

# this prints a header with the CGISSESSID cookie:
print $session->header()

# now if you want to stick it in a form as well, get the SESSID
my $sessid = $session->id;

# and stick it in the form.....
print <<HTML;
<form>
<input type="hidden" name="CGISESSID" value="$sessid">
</form>
HTML

    [download]

    cheers

    tachyon

[reply]
[d/l]
[select]

      Hi Tachyon,

      Thanks for the reply. I don't think this is the case, though, because when I check the Temp dir (in this case, C:\Winnt\temp), I'm getting "cgisess_md5string" files created. In fact, I'm getting two when I should only be getting one. :) I will try your suggestion, though.

      Thanks again,

      Larry

[reply]
Re: Problem with CGI::Session module -- Getting a new session every time
by mbeast (Beadle) on Nov 05, 2004 at 05:32 UTC
    I would stick some print statements in there and make sure the variables contain what you think they contain. Seems like $sid is undef or not a valid id if it is creating new ids.
[reply]

      Hi Mbeast,

      Thanks for the suggestion. I'm actually doing that. The following code:

          #-----8<-----
    my $cgi = new CGI();
    my $cookieval = $cgi->cookie( "CGISESSID" );
    my $sid = $cgi->cookie( "CGISESSID" ) || $cgi->param( "CGISESSID" 
+);
    my $qs = $ENV{ 'QUERY_STRING' };
    my ( $varname, $id ) = split( /=/, $qs, 2 );
    my $session = new CGI::Session(undef, $id, { Directory => File::Sp
+ec->tmpdir() });

    my $sid2 = $session->id();
    #-----8<-----
    print $cgi->header();
    print "<pre>";
    print "<b>COOKIE VAL: </b>" . $cookieval . "<br />\n";
    print "<b>SID:", "&nbsp;" x 8, "</b>" . $sid . "<br />\n";
    print "<b>SID2:", "&nbsp;" x 7, "</b>" . $sid2 . "<br />\n";
    print "<b>ID:", "&nbsp;" x 9, "</b>" . $id . "<br />\n";
    print "</pre>\n";
    #-----8<-----

      [download]

      Produces this when written immediately after the header on the page:

      COOKIE VAL: 5f3495591cbfa4c5ef26baadaaabd120

SID:        5f3495591cbfa4c5ef26baadaaabd120

SID2:       a418ee3ee9fb84b0360ac4496e999429

ID:         5f3495591cbfa4c5ef26baadaaabd120

      [download]

      I know it's not a cookie issue, because the cookie value reported by my browser matches $cookieval, $sid, and $id. Furthermore, if I refresh the page (a script called pagegen.cgi), $cookieval, $sid, and $id all stay the same, while $sid2 changes.

      I've been fighting with this for two days now and I'm nearly at my wit's end. :)

      Thanks again,

      Larry

[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom