Re: Session problem

Not sure I understand what the browser's back button (or form re-submission) has to do with session expiry. Anyway... don't expect the browser to handle your session. Any checks that matter to the integrity of your program logic should be done server-side. That includes handling session data. In short, you can't effectively control a browser (or any other HTTP client) to not resend form data... so if it matters, you'll have to check for that case server-side (for example by assigning a one-time unique ID to every form sent to the browser and then keeping track of which IDs/forms have already been submitted... or some such).

That said, in case your problem rather is that the session data isn't being deleted server-side, you might just need to call flush after having called the delete method — in case you're using CGI::Session, that is. The module is known to often need explicit flushing. Some more details (e.g. if this is normal CGI or some persistent environment, etc.) and some sample code would help to give us a better idea of what your exact problem is.

Comment on Re: Session problem Select or Download Code

Replies are listed 'Best First'.
Re^2: Session problem by priti (Initiate) on Aug 08, 2008 at 10:34 UTC
I will try flushing after sessin destroy.By that time following is my code. 1. From php files I am receiving parameter to my perl file through GET. 2. In Perl File – It is multiple form almost 4 four pages On every page submit session_start functions check for whether session exists or not .If, yes then it reinitialize else create new. So, on page 1 it creates new session id and till I submit my page session Id is saved as hidden field in form and it propagate from one page to last page and I keep on initialing it. It a huge code I cann’t paste here these are the lines in my code to start and destroy the session. my $q=new CGI; my %KVP=$q->Vars; $id=KVP{'sessionid'}) //post hidden variable $session=&session_start($q,$id); $sessionid=$session->id; . . . if($session) { session_destroy($session); //This doesn’t empty the cgisess_ var in /tmp } sub session_start() { my($cgi,$session_id)=@_; if($session_id eq '') { #create new session $session = new CGI::Session(undef, $cgi, {Directory=>'/tmp/'}); } else { #reinitialse with session with session id $session= new CGI::Session(undef, $session_id, {Directory=>'/tmp'} +) } return $session; } sub session_destroy() { my($session)=@_; $session->delete(); } [download] This is what i understand from myself and tried to implement it on my project. If you find something is not good practice or this thing can be done in more efficient way . Kindly advice me on it also. Thanks .	[reply] [d/l]

Replies are listed 'Best First'.

Re^2: Session problem
by priti (Initiate) on Aug 08, 2008 at 10:34 UTC

my $q=new CGI;
my %KVP=$q->Vars;

$id=KVP{'sessionid'}) //post hidden variable 

$session=&session_start($q,$id);
$sessionid=$session->id;
.
.
.

if($session)
{
    session_destroy($session);

    //This doesn’t empty the cgisess_ var in /tmp
}

sub session_start()
{
  my($cgi,$session_id)=@_;

  if($session_id eq '')
  {
    #create new session
    $session = new CGI::Session(undef, $cgi, {Directory=>'/tmp/'});
  }
  else
  {
      #reinitialse with session with session id
    $session= new CGI::Session(undef, $session_id, {Directory=>'/tmp'}
+)
  }
  return $session;
}


sub session_destroy()
{
    my($session)=@_;
    $session->delete();
}
[download]

[reply]
[d/l]