PerlCGI / Cookies

Trihedralguy has asked for the wisdom of the Perl Monks concerning the following question:

In a program I'm writing with CGI the user will put in some information and it needs to be validated against a database. All goes fine until I get to the point where I say "Did they 'pass the test' or 'did the fail the test'. If they pass - I need it to redirect to 'page2'....If they failed....Show Error Message. The problem is that I send the information from page1 to page2 via a cookie, but how can I redirect and send the cookie through the header. Here is my code:

      #SUCCESSFUL LOG-IN -----------------------------------
      print "Location: policy.cgi\n\n";
      }
      else {
      #FAILED LOG-IN ---------------------------------------
      print
      header(-cookie => [$to_set1,$to_set2,$to_set3]),
      start_html('Schmuck-Policy');
[download]

As you can see even the failed log in will get the cookie, not for any reason, but thats how I figured it could be done with the successful log in.
Anyone have any ideas?

Comment on PerlCGI / Cookies Download Code

Replies are listed 'Best First'.
Re: PerlCGI / Cookies by ikegami (Patriarch) on Mar 05, 2007 at 20:34 UTC
Although it's undocumented, CGI's `redirect` method appears to accept cookies just like it's cousin, the `header` method. `if (...successful...) { print redirect( -uri => "policy.cgi", -cookie => [ $to_set1, $to_set2, $to_set3 ] ); } else { print header( -cookie => [ $to_set1, $to_set2, $to_set3 ] ); ... }` [download] I don't know if cookies can be set on a redirection, but there's no harm in trying. By the way, the value of the Location field (and therefore the value for the `-uri` parameter) must be an absolute URI according to the HTTP spec and the docs for the CGI module. `policy.cgi` is not an absolute URI. Absolute URIs start with something like `http://` or `ftp://`. Update: Added last paragraph.	[reply] [d/l] [select]
Re: PerlCGI / Cookies by Joost (Canon) on Mar 05, 2007 at 20:30 UTC
IRRC, you can set cookies with a redirect by passing the -cookies argument to the redirect() method just like it works for the header() method. In my experience using cookies just for session ids is a lot more secure and convenient though. That a look at CGI::Session. update: fixed link "What should it profit a man, if he should win a flame war, yet lose his cool?"	[reply]
Re: PerlCGI / Cookies by Trihedralguy (Pilgrim) on Mar 05, 2007 at 20:46 UTC
Thanks ikegami! That worked perfectly, sorry I'm fairly new to perl, so finding things like this is quite difficult.	[reply]