Tom Brown wrote:
>
> On Fri, 28 Jul 2000, Paul J. Lucas wrote:
>
> > On Fri, 28 Jul 2000, Denton River wrote:
> >
> > > Its been a long time since i have done a jobb without using sessions. I would
> > > really like to have this feature included in the kit im using and i think
> > > alot of developers are with me on this one.
> >
> > What I don't understand is *why*. Why can't you use to
> > independent pieces of software: one for templates and the other
> > for sessions that work perfectly well together (or seperately)?
> >
> > I personally prefer smaller, more easily udnerstandable pieces
> > to large, complex, feature-bloated software.
>
> Agreed. It seems to me that someone should write a simple package for
> tieing in Apache::Session (or similar) in a transparent manner, perhaps
> using an early handler stage of the request and leaving the session info
> in $r->pnotes() ?? (via an object/typglob/whatever??) That said, it's
> late and I'm really not in the appropriate state for making _solid_
> contributions ;-)
As per my other posts I think that this would be handy - and as others
have mention if we could make something that is generic then people use
it in small projects where they mostly roll their own, or other may
include it with a TT or embperl system, like Apache::Session is
supported via Embperl.
I've a simple / ugly module that does the above as a URI transhandler -
it is basically some code from the excellent apache modules book with
some extra cookie checking. Mine also checks the cookie to see if is
valid (i.e DB lookup)
It:
Checks the URI to see if session management is "on" - returns declined
if not.
Either puts the cookie value of a cookie called session into pnotes, and
sets pnotes cookie_on to true.
Or does a rewrite to check cookies - with a new session id.(this bits
still being tested!)
If this fails it looks for a session id in the URL
(www.foo.com/session_id/everything else) - like the example in the
apache modules book. - if a session is found it places this in pnotes,
and sets pnotes cookie_on to false.
If no session id in the URL it then makes one and does a redirect to
that.
If any sees any major issue with this then please drop me a line - I can
see so far:
1. Does a lot of redirects if cookies are off first time round.
2. Session ID may get sent with the URL in a HTTP_REFERER by a browser -
if you have links off your site.
3. Posted values get lost in the redirect - this is probably solvable.
4. I have added code to get the args and redirect those as well - so get
request do not lose their args.
If people want to send me wish lists I'll see if I can include them and
then write some docs (so far its in the tradition of real programmers
don't document - I'm hoping to be a real programmer ;-) and post it back
here.
Greg
>
> >
> > - Paul
> >
>
> ----------------------------------------------------------------------
> [EMAIL PROTECTED] | Don't go around saying the world owes you a living;
> http://BareMetal.com/ | the world owes you nothing; it was here first.
> web hosting since '95 | - Mark Twain
