in reply to Can a cookie created via CGI.pm be deleted by CGI::SESSION?

Cookies don't care how they are created, so the answer is "very possibly", if you create a session with the same session-cookie name and delete() it. Why in the world you'd want to do that instead of just using the CGI::Cookies interface for everything I don't know.

"What should it profit a man, if he should win a flame war, yet lose his cool?"
  • Comment on Re: Can a cookie created via CGI.pm be deleted by CGI::SESSION?

Replies are listed 'Best First'.
Re^2: Can a cookie created via CGI.pm be deleted by CGI::SESSION?
by newbie00 (Beadle) on Jul 03, 2006 at 05:55 UTC
    Thanks for your reply.

    I'm customizing an existing script created by someone else.

    The cookie was created via CGI.pm, but I want to delete the cookie after using it to bypass an error message that occurs and shuts down the processing of the script after a 'refresh' when I delete an entry in the db...

    The script has a parameter that looks for the corresponding entry in the db and halts when the db entry is not found. The only way I see to get around it is to delete the corresponding cookie so it has nothing to compare it to and let the program progress as normal by creating another parameter and corresponding db entry. So far, I know CGI::SESSION has the delete().

[reply]
      CGI::Session::delete() really just does this: 
      my $cgi = CGI->new();
my $cookie = $cgi->cookie( -name=>$self->name, -value => 1, -expires=>
+ '-1d');

      [download]
      And then later it sends the header including this cookie definition back to the browser. (example later in this post)

      The cookie isn't really managed by perl, it is managed by the browser. By telling the browser that the cookie was supposed to expire a day ago you can cause it to be deleted.

      This is done with the http headers that you send back with your response.

      It is easier to do this using one of the standard modules instead of writing the "Set-Cookie" header manually.

      Basic Example: 

      my $cgi= CGI->new();
my $cookie = $cgi->cookie( -name=>$name, -value => 1, -expires=> '-1d'
+);
print $query->header(-cookie => $cookie, type => 'text/html');

print "This text is sent to the browser, and at the same time the cook
+ie is cleared\n";

      [download]
      Note that this is setting what the value of the cookie will be -after- the browser gets this response.

      If you want to remove the cookie for -this- invocation you could modify the value of $ENV{HTTP_COOKIE}. For example, this would remove all cookies for -this- run - but not future ones. 

      delete $ENV{HTTP_COOKIE};

      [download]

      I'm sure there is a module for modifying the current cookie definitions, but I can't think of one offhand and am too tired to search at the moment :)

      Hope this helped.

[reply]
[d/l]
[select]
        Ok I couldn't resist looking for an existing solution - but didn't see one.

        You can do something like this though: 

        #
# Temporarily pretends a cookie does not exist by modifying
# the HTTP_COOKIE env variable.
#
sub rm_cookie {
    my ($cgi,$name) = @_;
    my $raw = $cgi->raw_cookie;
    # Obtain a list of all cookies (they are ; separated)
    # But exclude the one with the name you specify
    my @cookies = grep {!/^$name=/} split /; ?/, $raw;
    # Replace the HTTP_COOKIE env variable with the new fake
    # set of cookies. This is important, you might not want to
    # hide all cookies - just this one.
    $ENV{HTTP_COOKIE} = join('; ',@cookies);

}

        [download]
        And then if you want to remove a cookie named 'foo': 
        rm_cookie($cgi, 'foo');

        [download]
        But keep in mind this is making perl pretend that there isn't a cookie by that name. You still need to remove the actual cookie (if this is your intent), using something similar to the parent post. Off to sleep - really this time.
[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom