Does it matter that the variable $q (a CGI object) is declared with "our" rather than "my"? This variable is exported and used in other modules. | [reply] |
You are seriously mixing apples and oranges. As long as you are not dipping into the server's memory (for example, via mod_perl or some other persistence mechanism), it doesn't matter whether you are declaring a variable with my or our or their or her or his. It doesn't even matter whether you are using Perl or Ruby or Python or whatever.
Think of it this way... when user A sends requests a web page, a custom web page is constructed for user A, and sent back to user A. No one, no one in the world, in fact, not even user A using another browser on the same computer, gets that first page. Only user A, within the browser from which user A requested the page, only that user gets that page. That connection, between that instance of the browser and the web server, that connection is a session, and that session lasts only for the duration of that connection. To make it last longer... well, that is session and state management, and that is your responsibility.
Of course, if you use any persistence framework, all bets are off, and session management kicks in. Once again, you will be greatly helped by reading up on sessions and state management in web processes.
--
when small people start casting long shadows, it is time to go to bed
| [reply]
[d/l]
[select] |
Think of it this way... when user A sends requests a web page, a custom web page is constructed for user A, and sent back to user A. No one, no one in the world, in fact, not even user A using another browser on the same computer, gets that first page. Only user A, within the browser from which user A requested the page, only that user gets that page. That connection, between that instance of the browser and the web server, that connection is a session, and that session lasts only for the duration of that connection.
Thanks for the above. It's indeed very clear and reassuring that this part wouldn't result in user B seeing user A's page.
I do indeed use CGI::Session. Now I'm wondering if I might be messing things up by declaring the session variable ($session) as a global:
package Common;
use strict;
use CGI::Session;
require Exporter;
our @ISA = qw(Exporter);
our @EXPORT = qw($session);
our $session;
1;
package Login,
use Common qw($session);
$session = new CGI::Session('driver:File', undef, { Directory=>'/sessi
+ons' });
# $self holds user information passed from another sub
$session->param('USER', {
username => $self->{username},
last_logged => $self->{last_logged},
}
$session->flush;
print $session->header(-location=>"/index.pl");
1;
# index.pl
use Common qw($session);
use Main.pm
use Login.pm
$session = CGI::Session->load("driver:File", undef, { Directory=>'/ses
+sions' });
my $query = get_param('page') || 'main';
#probe($query);
my %nodes = (
main => \&main,
login => \&login,
_err => \&error,
);
eval { $nodes{ exists $nodes{$query} ? $query : '_err' }(); };
package Main,
use Common qw($session);
# the same $session is used in this module
1;
The $session object is created when the user logs in and is loaded only via index.pl and used in other modules (called via index.pl) requiring it. Any risk of this variable being corrupted when there are multiple users?
Please enlighten me :)
| [reply]
[d/l] |