On Jan 19, 2005, at 11:03 AM, Joe Schaefer wrote:
Sean Davis <[EMAIL PROTECTED]> writes:
On Jan 19, 2005, at 10:11 AM, Sean Davis wrote:
This is a simple not-understanding-the-issues question, I'm sure. I
have an authen handler (that used Apache::Request, Apache::Cookie, and
Apache::Session) in front of a uri serving a Registry script that
runs using CGI. The script works fine without the handler in place,
but when I put the handler in place (which also seems to do what I
want), I seem to be losing the ability to do post requests (I get the
content, but the changes made on the previous form page are not
reflected on the update). Is the issue that I need to change all the
post parameters to args for a get and do a redirect?
I tried it (changing post to get, that is). Fixed the problem.
If you're using mp2, that shouldn't be necessary. If you are, can you be more specific about the problem? Also, which version of Apache::Request are you using?
-- Joe Schaefer
Thanks Joe, Tom, and Geoff for the replies. To answer all of you:
I am NOT using mp2 and I think the behavior is documented for mp1, as others have suggested. As for using Apache::Request->instance(), the CGI code is legacy code and uses CGI.pm exclusively, so I don't have the option of using the Apache::Request object without some code wading (not now). Just out of curiosity, though, will something as simple as:
$r = Apache::Request->instance(); $q = CGI->new($r);
work when using the instance method under mp1 regardless of whether the Apache::Request->instance() has been used in a prior handler?
As for the URI lengths and logging, I do custom logging to a private RDBM, so not a big deal. Also, since the GET is done WITHIN the request (VERY COOL, mod_perl is) and NOT as a redirect, the browser URL is never updated, so to the user, it appears like a post and security isn't so much an issue. The username and password never pass through a GET method; in fact, the CGI script doesn't even know that the Authentication process has occurred.
Thanks again, Sean
