ImpalaSS has asked for the wisdom of the Perl Monks concerning the following question:

Hi, me and my roommate are attempting to design a Perl-based website. We can't figure out a way for a user to log in, then stay logged in, so that every form they fill out, or comment they make, somehow sends their username in with it. For example, if they wanted to make a post on a BB, I would like it so that once they logged in, every script that they activate, or call, would know that it is their username calling it? The way we have it now is that the user actually has to put the username/pw every time they do something which edits 'their' file or they make a post which shows credit towards them. I would like it so they can log in once, per visit, or even with a "remember me" function, so that they could make infinite posts, among other things, in which the scripts would recognize the request as from them?

Thank you very much

Dipul

Replies are listed 'Best First'.
Re: Stay Logged in
by Madams (Pilgrim) on Feb 13, 2001 at 07:47 UTC
    Cookie,cookie,cookie starts with "C"...

    Try:

    use CGI;

    and the cookie() sub.
    Cookies are resent by the browser at every HTTP request. The POD for CGI.pm is VERY helpful.

    Good luck,
    madams.
      Hey, I have some questions regarding that. One: Is there a resource you can provide me with to help me out? Secondly, when do the cookies get reset? Thirdly, how do I call the cookie, during the script??
      Thanks

      Dipul
        First: Using cookies within perl, refer to CGI.pm. When you send the HTTP header, you send the cookies off with it.

        Second: You specify the expiry time for a cookie when you send it in the header; it's then up to the specific browser to decide when to remove it after the expiry is over with -- some do this on startup, some on shutdown, but that's not your problem.

        Third: with CGI.pl, you have to send the cookie off with the header in order to have it set. With how HTTP is configured, the CGI.pm variable will get the pertinent cookie information from the user during initialization, so you'll be able to check for any cookies that you might have put out at any time during the use of CGI.pm.

Re: Stay Logged in
by extremely (Priest) on Feb 13, 2001 at 11:15 UTC
    Read up on HTTP::Cookies, CGI::Cookie, and hit a few web developer sites. You will find that you can set a cookie for a full domain name or the root domain, you can set the expire time, you can store multiple sets of data in one cookie, and much more.

    1 hour, 1 day, 1 week, 1 month, and 1 year are all commonly used depending on how you wish it handled. Some sites set the cookie at one month and bump it up every time it gets under 1 week. That is always nice.

    --
    $you = new YOU;
    honk() if $you->love(perl)

Re: Stay Logged in
by kschwab (Vicar) on Feb 13, 2001 at 17:16 UTC
    Basically, you are introducing state into a stateless protocol (HTTP). There are really only two ways to do this, keeping state in the client, or keeping state in the server:

    • The most obvious way to keep state in the client is cookies. Others have already mentioned CGI::Cookie. Another generally useful resource is www.cookiecentral.com.
    • If you decide to keep state on the server, you'll need an entirely dynamic site that can keep state in GET type urls. (i.e. http://blah.com/page.html?user=joe)

      PHP supports this type of thing with "sessions". If memory serves me right, you'll have to build PHP with the "--trans-sid --enable-track-vars" flags.

Re: Stay Logged in
by baku (Scribe) on Feb 13, 2001 at 19:48 UTC

    Not mentioned here, so I thought I'd throw it in...

    You can set Apache to call your script 'as a directory:' e.g. http://mydom.xx/myscript can be a 'prefix,' and you then read some parameters from the $ENV{'REQUEST_URI'} string. (Take out the $ENV{'SCRIPT_URI'} to get the extras and you can relocate your script later!) This lets you create sessions without cookies, and still accept both GET and POST requests (or PUT, or whatever) by putting it into the URI: e.g. http://mydom.xx/jsmith/messages or sommat.

    Plus, it makes a big CGI-based site look much more 'readable:' URLs like http://mydom.xx/script.pl?user=jsmith&request=blah get very hard to remember :-)

    But you still need to make certain they've logged in correctly, so e.g. jsmith doesn't send his bookmarks file to someone else... which probably means keeping some kind of state file (as simple as a tied DB file) -- but then, you shouldn't trust cookies either, they can be faked too :-)
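
The CGI.pm cookie approach from the first reply thread, combined with the server-side state file described in the post above, as an added example that is not from any of the posters: the cookie carries only a random token and the username lives in a tied DB file on the server, so editing the cookie cannot turn one user into another. The store path, the cookie name `session`, the one-day lifetime and the `check_password` hook are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI;
use DB_File;
use Fcntl qw(O_RDWR O_CREAT);

my $TTL   = 24 * 60 * 60;                    # assumed session lifetime: one day
my $STORE = '/var/lib/myapp/sessions.db';    # hypothetical path outside the web root

# Server-side state: token => "expiry\tusername". No file locking is shown.
tie my %sessions, 'DB_File', $STORE, O_RDWR | O_CREAT, 0600
    or die "cannot open session store: $!";

# Hypothetical hook: replace with the site's real credential check.
sub check_password { my ($user, $password) = @_; return 0 }

# 32 bytes from the kernel CSPRNG, hex-encoded, so tokens cannot be guessed.
sub new_token {
    open my $fh, '<:raw', '/dev/urandom' or die "no entropy source: $!";
    read($fh, my $bytes, 32) == 32 or die "short read from /dev/urandom";
    return unpack 'H*', $bytes;
}

my $q = CGI->new;
my ($user, $cookie);

# Returning visitor: the cookie is only a lookup key, never the identity itself.
my $token = $q->cookie('session');
if (defined $token && $token =~ /\A[0-9a-f]{64}\z/) {
    my ($expires, $name) = split /\t/, $sessions{$token} // '', 2;
    if (defined $name && $expires > time) { $user = $name }
    else                                  { delete $sessions{$token} }
}

# Fresh login: check the password once, then hand out a new random token.
if (!defined $user && ($q->request_method // '') eq 'POST') {
    my ($name, $password) = map { scalar $q->param($_) } qw(username password);
    if (defined $name && defined $password && check_password($name, $password)) {
        $token = new_token();
        $sessions{$token} = join "\t", time + $TTL, $name;
        $cookie = $q->cookie(-name => 'session', -value => $token, -path => '/',
                             -expires => '+1d', -secure => 1, -httponly => 1);
        $user = $name;
    }
}

print $q->header(-type => 'text/plain', -cookie => $cookie);
print defined $user ? "Logged in as $user\n" : "Not logged in\n";
untie %sessions;
```

Because the token is checked against the store on every request, deleting its entry logs the user out regardless of what the browser still holds.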

Re: Stay Logged in
by damian1301 (Curate) on Feb 13, 2001 at 23:35 UTC
    You should maybe try using hidden fields to maintain state. Just throw in a little unique ID for the user. There is also a little, less secure idea. You could throw the user's password and ID in the hidden fields too...but I would definitely NOT recommend this. There could also be a problem with this though, too. If someone doesn't always access something through a form (like a hyperlink) then it will not work and the user will be logged out.

    Overall, you should probably set a little mix between the two to get the best of what you want. Hope I helped :)

    Almost a Perl hacker.
    Dave AKA damian

    I encourage you to email me
Re: Stay Logged in
by merlyn (Sage) on Feb 13, 2001 at 20:55 UTC