boboson has asked for the wisdom of the Perl Monks concerning the following question:
I close the browser, I don't logout, I just close the browser.$session->param('mid' => $id_from_db); $session->param('member_type' => $member_type_id_from_db); $session->param("~logged-in", 1); $session->expires("~logged-in", "+120m"); # expires ~logged-in flag in + 30 mins
In my application class which inherits from the baseclass I check if the user is logged in or notsub cgiapp_init { # application object my $self = shift; # init session $self->init_session("sid"); } sub init_session { # application object my $self = shift; my $name = shift; # change name from CGISESSID to shorter sid CGI::Session->name($name); # init session object using CGI::Application::Plugin::Session my $session = $self->session; # send session to header $session->header(); }
sub cgiapp_prerun { # application object my $self = shift; # check member access and redirect accordingly $self->accessControll; } sub accessControll { # application object my $self = shift; # get cgi query object my $q = $self->query(); my %post = $q->Vars; # get session object my $session = $self->session; # if login is not old if($self->init() ne 2){ # Redirect to startpage if login if ($session->param("~logged-in")) { $self->prerun_mode($config->{login_successRM}); } } # after the third login attempt, redirect if ( $session->param("~login-trials") >= 3 ) { # change password for username # UPDATE password in USERNAME table $self->redirect_output_now('login_error'); } # Redirect to startpage if logout if( $self->get_current_runmode() eq "logout"){ $self->logout(); $self->prerun_mode('logout'); } } # # $post{lg_name} and $post{lg_password} are sent from my login form # sub init { # application object my $self = shift; # get cgi query object my $q = $self->query(); my %post = $q->Vars; # get session object my $session = $self->session; # database handle my $dbh = $self->param('dbh'); if ( $session->param("~logged-in") ) { return 2; # if logged in, don't bother going further } my $lg_name = $post{lg_name} or return; my $lg_psswd = $post{lg_password} or return; # if we came this far, user did submit the login form # so let's try to load his/her profile if name/psswds match my @sql_bind = ($lg_name, $lg_psswd, 1); my $sql_statement = qq/ SELECT ID, MEMBER_TYPE_ID, UNAME, PWORD FROM MEMBER WHERE UNAME=? AND PWORD=? AND ACTIVE=? /; my (@loop_data) = $self->fetchLoopData($dbh, $sql_statement, @sql_bin +d); if(@loop_data>0){ # login information $session->param('mid' => $loop_data[0]{ID}); $session->param('member_type' => $loop_data[0]{MEMBER_TYPE_ID}); $session->param("~logged-in", 1); $session->expires("~logged-in", "+120m"); # expires ~logged-in flag +in 30 mins $session->clear(["~login-trials"]); return 1; } $session->param('info' => 'returnera 3'); # if we came this far, the login/psswds do not match # the entries in the database my $trials = $session->param("~login-trials") || 0; return $session->param("~login-trials", ++$trials); }
|
|---|
| Replies are listed 'Best First'. | |
|---|---|
|
Re: always logged in with CGI::Session
by bibliophile (Prior) on Mar 24, 2006 at 15:31 UTC | |
by boboson (Monk) on Mar 24, 2006 at 19:32 UTC | |
by bibliophile (Prior) on Apr 03, 2006 at 16:15 UTC | |
by boboson (Monk) on Apr 05, 2006 at 22:07 UTC | |
by bibliophile (Prior) on Apr 06, 2006 at 14:18 UTC |