in reply to Can I Create A Persistent Flock Under CGI.pm?

Use a semaphore as the lock. I like using directories for this, because mkdir() is atomic (unless you do it over NFS). 
sub LOCK { sleep 1 until mkdir "$_[0].lck", 0755 }
sub UNLOCK { rmdir "$_[0].lck" }

[download]
Now you just use those, and they exist over multiple calls to the program.

japhy -- Perl and Regex Hacker

Replies are listed 'Best First'.
Re: Re: Can I Create A Persistent Flock Under CGI.pm?
by sierrathedog04 (Hermit) on May 30, 2001 at 03:34 UTC
    The more I think about semaphores the more I am concerned about a web user who walks away or logs out after the first form is submitted. His semaphore could go on living forever!

    It may be that when using basic authentication and multi-page forms and multiple sessions with the same login id there is no simple solution to the problem of only allowing one session to use a file at a time.

[reply]
      Using a unique filename will ensure that someone won't block access to the form and that data won't bleed together and it's almost as simple as using a semaphore. You don't even need to use cookies, just add the unique id to the path_info and read it from there if you want. (Just make sure CGI.pm is outputting the Form HTML).

      As far as untainting the passed sessionid, you could do the following. 
      path_info() =~ /^(\w+)/;
my $session_id = $1;

unless ($session_id){
       # Session doesn't exist so they are new user.
       
       $session_id = makesessionID();
       # Create file and display first form below
       
}else{
       unless (-e $my_path.$session_id){
          # Something is funny if the session doesn't exist.
          # Probably should die 
       }
       # Read in session data from file.
       
       # Form two (3,4,5 whatever) below.
}

      [download]


      Just my two cents.

      -Lee

      "To be civilized is to deny one's nature."
[reply]
[d/l]

In Section Seekers of Perl Wisdom