CGI session problem.

d0353101 has asked for the wisdom of the Perl Monks concerning the following question:

I am having login.cgi. user enter id and password. if ok it redirects to main.cgi with user_id as main_page.cgi?user_id=$user_id.

main.cgi is having left menu and right part is for doing some action.

in all the CGI files including main.cgi I am writing this code before start_html to manage the session:

---------------------------------------

my $cgi = CGI->new;

my $login_user_id = $cgi->param('user_id');    

########### -- Creating The session--##################

my $session = CGI::Session->new( undef, $cgi, {Directory=>'/tmp'} );
my $cookie = $cgi->cookie(CGISESSID => $session->id );
print $cgi->header(-cookie=>$cookie);

print $cgi->start_html("ADD CATEGORY");
[download]

---------------------------------------

But when I click any link (like add payment) on the left menu. a new session is getting created every time.

Please help... I dont want a new session.

I m stuck in it since last 2 days and getting dumbheaded. Please help :-(

Comment on CGI session problem. Download Code

Replies are listed 'Best First'.
Re: CGI session problem. by moritz (Cardinal) on Jul 29, 2008 at 09:14 UTC
In the code that you showed you never call `$session->flush()`, thus never writing it to disk. Try this as a first attempt.	[reply] [d/l]
Re^2: CGI session problem. by d0353101 (Novice) on Jul 29, 2008 at 10:02 UTC
I tried to put it after creating the session bu IT does not work : `########### -- Creating The session--################## my $session = CGI::Session->new( undef, $cgi, {Directory=>'/tmp'} ); $session->flush(); my $cookie = $cgi->cookie(CGISESSID => $session->id ); print $cgi->header(-cookie=>$cookie);` [download]	[reply] [d/l]
Re^3: CGI session problem. by moritz (Cardinal) on Jul 29, 2008 at 10:06 UTC
Then you have to start debugging - do your script headers contain a correct cookie? If so, is it also stored on disk? Does the browser send the cookie correctly back to the server? And before you start debugging, delete the cookies in your browser and try again. For debugging it might be useful to print the cookie and session id information to a log file, and to use wireshark or a similar tool to monitor your HTTP traffic.	[reply]
Re^4: CGI session problem. by d0353101 (Novice) on Jul 29, 2008 at 11:07 UTC
Re^5: CGI session problem. by moritz (Cardinal) on Jul 29, 2008 at 11:21 UTC
Re: CGI session problem. by Anonymous Monk on Jul 29, 2008 at 10:14 UTC
Hi, The session id should be created in the server during if the user/pass is authenticated and send the session id in the cookie as well, note: do not create the session id again in all the pages, by giving `new CGI::Session` in rest of the cgi files, you have to get the server session id and cookie session id to compare if there are valid, if so provide the screen to the user or else the page should be taken back to the user/pass screen saying the 'page has expired'. let me know if i am not wrong.	[reply] [d/l]
Re^2: CGI session problem. by moritz (Cardinal) on Jul 29, 2008 at 10:33 UTC
There's nothing wrong with unconditionally calling `CGI::Session->new()`. If you provide a CGI object (or no arguments at all) it will take the session ID from the cookie, if any, and load the corresponding session. Only if that fails it actually generates a new logical session.	[reply] [d/l]