Re: Cookies - Basic Perl
On Wed, Dec 12, 2012 at 12:16 PM, Andy Bach afb...@gmail.com wrote: I used a temp var as you had ($cookie), but in this case, using the default while usage assings directly to $_: while ( ) { if ( $_ eq 'cookie') { assigns directly to $_ and that gets easier with regular expression matching: while ( my $cookie = ) { chomp($cookie); if ( /cookie/ ) { means if $_ contains the word cookie Er, that was fubar - S/B: while ( ) { if ( /cookie/ ) { Good luck! -- a Andy Bach, afb...@gmail.com 608 658-1890 cell 608 261-5738 wk
Re: Cookies - Basic Perl
Before your 2nd while loop, add: $cookie = ; I have a problem with a certain script, as a beginner. #!/usr/bin/perl -w # # Cookie Monster $cookie = ; while ( $cookie ne 'cookie') { print 'Give me a cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookie.\n; while ( $cookie ne 'cookie') { print 'Give me another cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookies.\n; When I input 'cookie', the script will print the lines that will appear from the first and second requests. The script will not print the second request's demand. I think it's because the ne value is the same for the two, and I cannot separate the demands unless I change the ne value for the second demand to 'another cookie'. -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/ -- -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/
Re: Cookies - Basic Perl
On Tue, Dec 11, 2012 at 9:41 PM, Alex Ahn nisnamanar...@gmail.com wrote: Thank you all for the input on how to resolve to problem with the second loop. Not sure if this is what you're working towards, but the problem of prompt and response is always a design decision - when you are looking to make a multiple prompt script - is the first one inside or out of the while loop? Will the text always be the same? How do you plan to have the user exit? So, something like: #!/usr/bin/perl -w # # Cookie Monster use strict; print 'Give me a cookie (q to quit): '; while ( my $cookie = ) { chomp($cookie); if ( $cookie eq 'cookie') { print Mmmm. Cookie.\n; print 'Give me another cookie (q to quit): '; } else { last if $cookie eq 'q'; print q(That's not a cookie, give me cookie (q to quit): ); } } You sort of have to pick your duplications - not necessarily the best route, but one way, anyway -- a Andy Bach, afb...@gmail.com 608 658-1890 cell 608 261-5738 wk
Re: Cookies - Basic Perl
On Tue, Dec 11, 2012 at 3:47 PM, Alex Ahn nisnamanar...@gmail.com wrote: I have a problem with a certain script, as a beginner. #!/usr/bin/perl -w # # Cookie Monster use strict; print 'Give me a cookie (q to quit): '; while ( my $cookie = ) { chomp($cookie); if ( $cookie eq 'cookie') { print Mmmm. Cookie.\n; print 'Give me another cookie (q to quit): '; } else { last if $cookie eq 'q'; print q(That's not a cookie, give me cookie (q to quit): ); } } So just a couple of points on what I added - use strict is a great idea, esp. at learning stage. Any script over 5 lines? use strict. is pretty much the same as STDIN, it's the standard ahem idiom. I used a temp var as you had ($cookie), but in this case, using the default while usage assings directly to $_: while ( ) { if ( $_ eq 'cookie') { and that gets easier with regular expression matching: while ( my $cookie = ) { chomp($cookie); if ( /cookie/ ) { means if $_ contains the word cookie - we can limit that more if needed. Using the temp var does let you use it in your code: print Mmmm. Cookie.\n; becomes print Mmmm. $cookie.\n; for example - again, more useful when there some variation allowed. The line last if $cookie eq 'q'; last breaks you out of the while loop - yes, it's akin to the much reviled goto stmt but we don't talk about that. Actually we do - goto isn't inherently bad, just too easy to misuse. Perl does have a goto stmt even. Finally print q(That's not a cookie, give me cookie (q to quit): ); the q( ... ) syntax is an alternative quoting process as I used a single quote/apostrophe in the text. There is q and qq (double quotes) and the next char will be the delimiter for the quoted string. If it is a paired sort of char (parens, curly brackets etc), you use open an close set. Otherwise any char will do; tildas are a common choice. Note, because used the paired marker paren, Perl is smart enough to ignore the quoted paren set around q to quit. HTH - sorry to be so pendantic, but I are one. -- a Andy Bach, afb...@gmail.com 608 658-1890 cell 608 261-5738 wk
Cookies - Basic Perl
I have a problem with a certain script, as a beginner. #!/usr/bin/perl -w # # Cookie Monster $cookie = ; while ( $cookie ne 'cookie') { print 'Give me a cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookie.\n; while ( $cookie ne 'cookie') { print 'Give me another cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookies.\n; When I input 'cookie', the script will print the lines that will appear from the first and second requests. The script will not print the second request's demand. I think it's because the ne value is the same for the two, and I cannot separate the demands unless I change the ne value for the second demand to 'another cookie'. -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/
Re: Cookies - Basic Perl
On Tue, 11 Dec 2012 16:47:15 -0500 Alex Ahn nisnamanar...@gmail.com wrote: I have a problem with a certain script, as a beginner. #!/usr/bin/perl -w # # Cookie Monster $cookie = ; while ( $cookie ne 'cookie') { print 'Give me a cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookie.\n; $cookie = ; while ( $cookie ne 'cookie') { print 'Give me another cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookies.\n; When I input 'cookie', the script will print the lines that will appear from the first and second requests. The script will not print the second request's demand. I think it's because the ne value is the same for the two, and I cannot separate the demands unless I change the ne value for the second demand to 'another cookie'. You have to eat, er, clear the first cookie. :) -- Just my 0.0002 million dollars worth, Shawn Programming is as much about organization and communication as it is about coding. Why fit in when you can stand out? Dr. Seuss The only way that problems get solved in real life is with a lot of hard work on getting the details right. Linus Torvalds -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/
Re: Cookies - Basic Perl
Hi, On Tue, Dec 11, 2012 at 10:47 PM, Alex Ahn nisnamanar...@gmail.com wrote: I have a problem with a certain script, as a beginner. #!/usr/bin/perl -w # # Cookie Monster $cookie = ; while ( $cookie ne 'cookie') { print 'Give me a cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookie.\n; *** HERE -- Attention Please *** The variable $cookie still has the value 'cookie'. So to enter the second while loop, like Shawn rightly pointed out --- clear the variable $cookie like so: $cookie = ; while ( $cookie ne 'cookie') { print 'Give me another cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookies.\n; When I input 'cookie', the script will print the lines that will appear from the first and second requests. The script will not print the second request's demand. I think it's because the ne value is the same for the two, and I cannot separate the demands unless I change the ne value for the second demand to 'another cookie'. -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/ -- Tim
Re: Cookies - Basic Perl
Thank you all for the input on how to resolve to problem with the second loop. Alex On 12/11/2012 5:00 PM, Shawn H Corey wrote: On Tue, 11 Dec 2012 16:47:15 -0500 Alex Ahn nisnamanar...@gmail.com wrote: I have a problem with a certain script, as a beginner. #!/usr/bin/perl -w # # Cookie Monster $cookie = ; while ( $cookie ne 'cookie') { print 'Give me a cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookie.\n; $cookie = ; while ( $cookie ne 'cookie') { print 'Give me another cookie: '; chomp($cookie = STDIN); } print Mmmm. Cookies.\n; When I input 'cookie', the script will print the lines that will appear from the first and second requests. The script will not print the second request's demand. I think it's because the ne value is the same for the two, and I cannot separate the demands unless I change the ne value for the second demand to 'another cookie'. You have to eat, er, clear the first cookie. :) -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/
Enable cookies in a Mechanize script
Hello, I'm trying to screen scrap a site that requires cookies to be enabled. I'm having problems getting to the next page. In the post action there's a ;jsessionid appended while there's no such id if I try loading the page in a cookie-enabled browser. I used HTTP::Cookies to enabled the cookies in the Mech script but it didn't seem to enable it. I searched for a solution online but couldn't find any. How do I go about this? Thank you so much for your time. z.j.
Re: Retrieving Cookies does not return all domain values
Thomas Hilbig wrote: I am in the process of changing my cookies (stored on my users’ browsers) so they can be shared across multiple servers under my domain. So, instead of writing cookies with domain ‘www.mydomain.com’, I am writing them to ‘.mydomain.com’ so they can be read by www.mydomain.com, www2.mydomain.com etc.During the transition, I need to be able to retrieve cookie values stored for the main domain and the subdomain. Browsers will store cookies from ‘www.mydomain.com’ and ‘.mydomain.com’ separately, and return multiple values if the target servername matches the hierarchy. However, I cannot find a way under CGI.pm or CGI::Cookie to retrieve these multiple values – only one value is ever returned. snip Is there a method to get CGI.pm to fetch all the values in the request, or am I forced to use the environment variable? I would guess that the problem is that they share the same name. I don't know if you can have CGI.pm help you, but OTOH it's not that difficult to grab the values: my @cookie_values; for my $pair ( split /;\s*/, $ENV{HTTP_COOKIE} ) { my ($name, $value) = split /=/, $pair; s/%(..)/chr(hex $1)/eg for $name, $value; push @cookie_values, $value if $name eq 'var'; } -- Gunnar Hjalmarsson Email: http://www.gunnar.cc/cgi-bin/contact.pl -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
Retrieving Cookies does not return all domain values
I am in the process of changing my cookies (stored on my users’ browsers) so they can be shared across multiple servers under my domain. So, instead of writing cookies with domain ‘www.mydomain.com’, I am writing them to ‘.mydomain.com’ so they can be read by www.mydomain.com, www2.mydomain.com etc. During the transition, I need to be able to retrieve cookie values stored for the main domain and the subdomain. Browsers will store cookies from ‘www.mydomain.com’ and ‘.mydomain.com’ separately, and return multiple values if the target servername matches the hierarchy. However, I cannot find a way under CGI.pm or CGI::Cookie to retrieve these multiple values – only one value is ever returned. Example, I can set 2 cookies from server www.mydomain.com using: my $cookieShort = cookie(-name='var', -value=’hello_short’, -expires='+1M', -domain=’.mydomain.com’) my $cookieLong = cookie(-name='var', -value=’hello_long’, -expires='+1M', -domain=’www.mydomain.com’) print $q-header({-cookie=[$cookieShort, $cookieLong], -type='text/html', -expires='-1d'}) ; The client returns both values properly to this server, and I can see these passed to the ENV environment variable: print ENV{'HTTP_COOKIE'} ; var=hello_short; var=hello_long However, using CGI.pm or CGI::Cookie only one value (the highest level domain ) is ever returned: Print $q-cookie(-name='var') ; hello_short my @arrayCookies = $q-cookie(-name='var') ; # using array context foreach (@arrayCookies) { print $_\n ; } hello_short Is there a method to get CGI.pm to fetch all the values in the request, or am I forced to use the environment variable? Fetching cookies using an array context will only bring back multiple values if they are set under a single domain. -- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/
RE: cookies
I know that there are many template systems and modules available to implement it. I have experienced using sessions. That was easy too. But cookies behave differently. I need to understand the behavioral issues in cookies. Now, let me put my doubt in other terms. Please, look into the following code: # animal is an existing cookie with value as 'lion' my $animal = cookie('animal'); # now $animal gets 'lion' # now assign 'tiger' to animal my $cookiereplace = Set-Cookie: animal = tiger;\n; print $cookiereplace # assignment done my $animal_new = cookie('animal'); . # Question : Now what does $animal_new contain? . print header; my $animal_very_new = cookie('animal'); . # Question : Also, what does $animal_very_new contain? . -Original Message- From: Chris Devers [mailto:[EMAIL PROTECTED] Sent: Monday, November 14, 2005 8:36 PM To: S, karthik (IE03x) Cc: Perl Beginners List Subject: RE: cookies On Mon, 14 Nov 2005, S, karthik (IE03x) wrote: my $username = 'name'; my $cookiereplace = Set-Cookie: username=$username; expires= \n; print $cookiereplace print header; #print htmls To unset the cookie : my $cookiereplace = Set-Cookie: username='';; Okay, that's a start, thank you. Now, please, can you point out the documentation you were reading that led you to believe that this would do anything useful? I have a hunch you may have mis-read something :-) Here's a hint: among a great many other ways to do this, the CGI.pm module has built-in methods to handle this for you. Look up for the cookie sections of the CGI perldoc; an online version is here: http://perldoc.perl.org/CGI.html#HTTP-COOKIES Additionally, higher-level modules like CGI::Application do a lot of the work needed to make you forget that cookies are even necessary. Documentation on it is available at http://search.cpan.org/~markstos/CGI-Application/lib/CGI/Application.pm But if you just want to do things the old-fashioned way with raw cookies, don't roll your own code to do this when it's a problem that has been solved a hundred thousand times now -- just let CGI.pm do it. -- Chris Devers ^0%T [EMAIL PROTECTED]
Re: cookies
Hello, # animal is an existing cookie with value as 'lion' my $animal = cookie('animal'); # now $animal gets 'lion' # now assign 'tiger' to animal my $cookiereplace = Set-Cookie: animal = tiger;\n; print $cookiereplace # assignment done my $animal_new = cookie('animal'); . # Question : Now what does $animal_new contain? lion, because: 1) you just gave the browser new stuff but [did|could] not do anything to fetch the new data. 2 you have not even done that yet since the header isn't fully sent... . print header; my $animal_very_new = cookie('animal'); . # Question : Also, what does $animal_very_new contain? Same as above. Search google for how cookies and HTTp headers work, its all independent of what langauge you use to set_ and get_ the data... Its how and when you fetch and send headers and what the webserver has forom your browser at what point. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: cookies
On 11/16/05, S, karthik (IE03x) [EMAIL PROTECTED] wrote: I know that there are many template systems and modules available to implement it. I have experienced using sessions. That was easy too. But cookies behave differently. I need to understand the behavioral issues in cookies. Now, let me put my doubt in other terms. Please, look into the following code: # animal is an existing cookie with value as 'lion' my $animal = cookie('animal'); # now $animal gets 'lion' # now assign 'tiger' to animal my $cookiereplace = Set-Cookie: animal = tiger;\n; print $cookiereplace # assignment done my $animal_new = cookie('animal'); . # Question : Now what does $animal_new contain? . print header; my $animal_very_new = cookie('animal'); . # Question : Also, what does $animal_very_new contain? . -Original Message- From: Chris Devers [mailto:[EMAIL PROTECTED] Sent: Monday, November 14, 2005 8:36 PM To: S, karthik (IE03x) Cc: Perl Beginners List Subject: RE: cookies On Mon, 14 Nov 2005, S, karthik (IE03x) wrote: my $username = 'name'; my $cookiereplace = Set-Cookie: username=$username; expires= \n; print $cookiereplace print header; #print htmls To unset the cookie : my $cookiereplace = Set-Cookie: username='';; Okay, that's a start, thank you. Now, please, can you point out the documentation you were reading that led you to believe that this would do anything useful? I have a hunch you may have mis-read something :-) Here's a hint: among a great many other ways to do this, the CGI.pm module has built-in methods to handle this for you. Look up for the cookie sections of the CGI perldoc; an online version is here: http://perldoc.perl.org/CGI.html#HTTP-COOKIES Additionally, higher-level modules like CGI::Application do a lot of the work needed to make you forget that cookies are even necessary. Documentation on it is available at http://search.cpan.org/~markstos/CGI-Application/lib/CGI/Application.pm But if you just want to do things the old-fashioned way with raw cookies, don't roll your own code to do this when it's a problem that has been solved a hundred thousand times now -- just let CGI.pm do it. -- Chris Devers ^0%T [EMAIL PROTECTED] Hello Karthikeyan S, I think you understand how to set a raw cookie from what has been discussed so far. Your original question was how to set AND delete them. To delete a cookie that has been set, simply set a cookie and for the 'expire' time, set it to a date that has passed already. Also, I see a number of web sites that IMPROPERLY document cookies. When setting cookies, you should include the follow to ensure that your cookies are secure and behave properly (otherwise, the cookies set can be read by other sites, scripts, etc.): Set-Cookie: name=$name; expires=date; path=$path_to_the_application (s)_that_are_allowed_to_modify_or_delete_the_cookie; domain=$your_web_site_address; -Chappy
RE: cookies
Thanks buddy, I am clear with it now. With Best Regards, Karthikeyan S -Original Message- From: JupiterHost.Net [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 16, 2005 11:42 PM To: beginners@perl.org Subject: Re: cookies Hello, # animal is an existing cookie with value as 'lion' my $animal = cookie('animal'); # now $animal gets 'lion' # now assign 'tiger' to animal my $cookiereplace = Set-Cookie: animal = tiger;\n; print $cookiereplace # assignment done my $animal_new = cookie('animal'); . # Question : Now what does $animal_new contain? lion, because: 1) you just gave the browser new stuff but [did|could] not do anything to fetch the new data. 2 you have not even done that yet since the header isn't fully sent... . print header; my $animal_very_new = cookie('animal'); . # Question : Also, what does $animal_very_new contain? Same as above. Search google for how cookies and HTTp headers work, its all independent of what langauge you use to set_ and get_ the data... Its how and when you fetch and send headers and what the webserver has forom your browser at what point. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
RE: cookies
Chappy, Thanks buddy. I got clarified with this issue. Yes, it is true that there are multiple documents convey multiple things. :-) . The information from your part is valuable to me. With Best Regards, Karthikeyan S From: Omega -1911 [mailto:[EMAIL PROTECTED] Sent: Thursday, November 17, 2005 1:15 AM To: S, karthik (IE03x) Cc: [EMAIL PROTECTED]; Perl Beginners List Subject: Re: cookies On 11/16/05, S, karthik (IE03x) [EMAIL PROTECTED] wrote: I know that there are many template systems and modules available to implement it. I have experienced using sessions. That was easy too. But cookies behave differently. I need to understand the behavioral issues in cookies. Now, let me put my doubt in other terms. Please, look into the following code: # animal is an existing cookie with value as 'lion' my $animal = cookie('animal'); # now $animal gets 'lion' # now assign 'tiger' to animal my $cookiereplace = Set-Cookie: animal = tiger;\n; print $cookiereplace # assignment done my $animal_new = cookie('animal'); . # Question : Now what does $animal_new contain? . print header; my $animal_very_new = cookie('animal'); . # Question : Also, what does $animal_very_new contain? . -Original Message- From: Chris Devers [mailto:[EMAIL PROTECTED] Sent: Monday, November 14, 2005 8:36 PM To: S, karthik (IE03x) Cc: Perl Beginners List Subject: RE: cookies On Mon, 14 Nov 2005, S, karthik (IE03x) wrote: my $username = 'name'; my $cookiereplace = Set-Cookie: username=$username; expires= \n; print $cookiereplace print header; #print htmls To unset the cookie : my $cookiereplace = Set-Cookie: username='';; Okay, that's a start, thank you. Now, please, can you point out the documentation you were reading that led you to believe that this would do anything useful? I have a hunch you may have mis-read something :-) Here's a hint: among a great many other ways to do this, the CGI.pm module has built-in methods to handle this for you. Look up for the cookie sections of the CGI perldoc; an online version is here: http://perldoc.perl.org/CGI.html#HTTP-COOKIES Additionally, higher-level modules like CGI::Application do a lot of the work needed to make you forget that cookies are even necessary. Documentation on it is available at http://search.cpan.org/~markstos/CGI-Application/lib/CGI/Application.pm But if you just want to do things the old-fashioned way with raw cookies, don't roll your own code to do this when it's a problem that has been solved a hundred thousand times now -- just let CGI.pm do it. -- Chris Devers ^0%T [EMAIL PROTECTED] Hello Karthikeyan S, I think you understand how to set a raw cookie from what has been discussed so far. Your original question was how to set AND delete them. To delete a cookie that has been set, simply set a cookie and for the 'expire' time, set it to a date that has passed already. Also, I see a number of web sites that IMPROPERLY document cookies. When setting cookies, you should include the follow to ensure that your cookies are secure and behave properly (otherwise, the cookies set can be read by other sites, scripts, etc.): Set-Cookie: name=$name; expires=date; path=$path_to_the_application (s)_that_are_allowed_to_modify_or_delete_the_cookie; domain=$your_web_site_address; -Chappy
cookies
Dear all, Could some one help me out by explaining how to set and delete a cookie using perl... With Best Regards, Karthikeyan S Honeywell Process Solutions - eRetail Honeywell Automation India Limited Phone:91-20-56039400 Extn -2701 Mobile :(0)9325118422 E-Mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] This e-mail, and any attachments thereto, are intended only for use by the addressee(s) named herein and contain Honeywell confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying which amounts to misappropriation of this e-mail and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me and permanently delete the original and any copy of any e-mail and any printout thereof.
RE: cookies
To set the cookie I have used the following: my $username = 'name'; my $cookiereplace = Set-Cookie: username=$username; expires= \n; print $cookiereplace print header; #print htmls To unset the cookie : my $cookiereplace = Set-Cookie: username='';; With Best Regards, Karthikeyan S Honeywell Process Solutions - eRetail Honeywell Automation India Limited Phone:91-20-56039400 Extn -2701 Mobile :(0)9325118422 E-Mail: [EMAIL PROTECTED] This e-mail, and any attachments thereto, are intended only for use by the addressee(s) named herein and contain Honeywell confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying which amounts to misappropriation of this e-mail and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me and permanently delete the original and any copy of any e-mail and any printout thereof. -Original Message- From: Chris Devers [mailto:[EMAIL PROTECTED] Sent: Monday, November 14, 2005 5:45 PM To: S, karthik (IE03x) Cc: beginners@perl.org Subject: Re: cookies On Mon, 14 Nov 2005, S, karthik (IE03x) wrote: Could some one help me out by explaining how to set and delete a cookie using perl... Probably. Can you help us out by showing us what code you've tried so far, /or what documentation you've read so far? Give us a hint that you've at least *tried* to answer such a Frequently Asked Question for yourself, and we'll be happy to help you out. -- Chris Devers -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
RE: cookies
On Mon, 14 Nov 2005, S, karthik (IE03x) wrote: my $username = 'name'; my $cookiereplace = Set-Cookie: username=$username; expires= \n; print $cookiereplace print header; #print htmls To unset the cookie : my $cookiereplace = Set-Cookie: username='';; Okay, that's a start, thank you. Now, please, can you point out the documentation you were reading that led you to believe that this would do anything useful? I have a hunch you may have mis-read something :-) Here's a hint: among a great many other ways to do this, the CGI.pm module has built-in methods to handle this for you. Look up for the cookie sections of the CGI perldoc; an online version is here: http://perldoc.perl.org/CGI.html#HTTP-COOKIES Additionally, higher-level modules like CGI::Application do a lot of the work needed to make you forget that cookies are even necessary. Documentation on it is available at http://search.cpan.org/~markstos/CGI-Application/lib/CGI/Application.pm But if you just want to do things the old-fashioned way with raw cookies, don't roll your own code to do this when it's a problem that has been solved a hundred thousand times now -- just let CGI.pm do it. -- Chris Devers 0%T [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: cookies
On Mon, 14 Nov 2005, S, karthik (IE03x) wrote: Could some one help me out by explaining how to set and delete a cookie using perl... Probably. Can you help us out by showing us what code you've tried so far, /or what documentation you've read so far? Give us a hint that you've at least *tried* to answer such a Frequently Asked Question for yourself, and we'll be happy to help you out. -- Chris Devers -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: cookies as hidden files
On 9/16/05 12:08 AM, Denzil Kruse [EMAIL PROTECTED] wrote: Hi all, I read through the docs for CGI::Cookie and learned how to set a cookie. I do it with line: my $cookie = new CGI::Cookie(-name='name', -value=$name, -expires='+6M'); But, I've found out that when IE creates the cookie, it creates it as a hidden file, so when I come around and fetch it, it can't find the cookie and hangs. But, I saw some cookies that weren't hidden. The list just got bigger once I told windows to how hidden files. So, my question is, how can I create the cookie in such a way that it isn't hidden? I couldn't find it in the docs I looked through. Cookies are stored on the client side while they are generated and read from the server side. Whether or not the cookie is in a hidden file makes no difference as long as the browser knows where the cookie is, which it presumably does. Sean -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: cookies as hidden files
1. Are we setting up the proper headers? use CGI; my $q = new CGI; print $q-header(-cookie=$cookie); 2. I am unable to see the -domain = 'foo.com'; 3. On which machine, you are testing? Your Windows (localhost) or a real web server?. I have always experienced problems locating cookies for my localhost (Windows XP, Apache). But when I ran the scripts on my *nix Web Server, those worked fine. 4. When dealing with cookies and calling the scripts within your browser, don't hit your refresh button while testing the script, always call the script in a new window for fresh headers. I have never experienced HIDDEN cookies, new phenomenon for me atleast. HTH, Sara. - Original Message - From: Denzil Kruse [EMAIL PROTECTED] To: beginners-cgi@perl.org Sent: Friday, September 16, 2005 9:08 AM Subject: cookies as hidden files Hi all, I read through the docs for CGI::Cookie and learned how to set a cookie. I do it with line: my $cookie = new CGI::Cookie(-name='name', -value=$name, -expires='+6M'); But, I've found out that when IE creates the cookie, it creates it as a hidden file, so when I come around and fetch it, it can't find the cookie and hangs. But, I saw some cookies that weren't hidden. The list just got bigger once I told windows to how hidden files. So, my question is, how can I create the cookie in such a way that it isn't hidden? I couldn't find it in the docs I looked through. thanks, Denzil __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: cookies as hidden files
Well, this is what I witnessed. I'm using a windows computer at home. It is configured to display hidden files. I have a red hat linux server off who knows where that hosts my site. I set up a perl script to set and fetch cookies, and it does so correctly on my computer. But, I went over to a friend's windows computer, and when it tried to bring up the site, the browser(IE) hung. Part of the web site is a flash presentation with music, but the flash was hanging as well, and there was no music. So I start looking for the cookies on the local machine. I couldn't find it, so did a search on the entire machine. Still couldn't find it, which freaked me out be because I knew it was there. So, I went into the folder options or whatever it is called and told the computer to display hidden files. The moment I did that, the cookies appeared in windows explorer in the cookies directory, and the music from the flash presentation started playing. So I concluded that if windows explorer couldn't see the cookie, then IE couldn't either. I suppose I could do a few more experiments, but it sure seems like that cookie was hidden and couldn't be found. Before I displayed the hidden files, there were cookies in the cookies directory. So some cookies aren't considered hidden files and others are. I'm trying to figure out how to get my cookies to not be hidden/system files so they appear. Denzil --- Sean Davis [EMAIL PROTECTED] wrote: Cookies are stored on the client side while they are generated and read from the server side. Whether or not the cookie is in a hidden file makes no difference as long as the browser knows where the cookie is, which it presumably does. Sean __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: cookies as hidden files
--- Sara [EMAIL PROTECTED] wrote: 1. Are we setting up the proper headers? use CGI; my $q = new CGI; print $q-header(-cookie=$cookie); I think so. I did it this way: my $cookie = new CGI::Cookie(-name='name', -value=$name, -expires='+6M'); print Set-Cookie: $cookie\n; 2. I am unable to see the -domain = 'foo.com'; I left that out. The docs say If no domain is specified, then the browser will only return the cookie to servers on the host the cookie originated from. Which is what I want I think? 3. On which machine, you are testing? Your Windows (localhost) or a real web server?. I have always experienced problems locating cookies for my localhost (Windows XP, Apache). But when I ran the scripts on my *nix Web Server, those worked fine. yes, I'm using a linux red hat server off on the internet somewhere. 4. When dealing with cookies and calling the scripts within your browser, don't hit your refresh button while testing the script, always call the script in a new window for fresh headers. Okay. I have never experienced HIDDEN cookies, new phenomenon for me atleast. I'll go through and double check. It could have been some weird coincidence, but I don't think so. HTH, Sara. Thanks for your help, Denzil __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: cookies as hidden files
Denzil Kruse wrote: Well, this is what I witnessed. I'm using a windows computer at home. It is configured to display hidden files. I have a red hat linux server off who knows where that hosts my site. I set up a perl script to set and fetch cookies, and it does so correctly on my computer. But, I went over to a friend's windows computer, and when it tried to bring up the site, the browser(IE) hung. Part of the web site is a flash presentation with music, but the flash was hanging as well, and there was no music. Whatever problem this is, it isn't a Perl problem. Your CGI script neither reads nor writes files on the client PC; the browser handles all that. Sounds like your friend's browser is broken? Or perhaps he has cookies disabled, in which case any cookies sent by your script are simply discarded and you won't see them come back. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: cookies as hidden files
I've spent the morning trying to reproduce it on my machine and my brothers, and can't seem to do it. It must have been some kind of coincidence or fluke. Thanks for your help everyone. I'll let you know if I ever figure it out. Denzil --- Bob Showalter [EMAIL PROTECTED] wrote: Whatever problem this is, it isn't a Perl problem. Your CGI script neither reads nor writes files on the client PC; the browser handles all that. Sounds like your friend's browser is broken? Or perhaps he has cookies disabled, in which case any cookies sent by your script are simply discarded and you won't see them come back. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
cookies as hidden files
Hi all, I read through the docs for CGI::Cookie and learned how to set a cookie. I do it with line: my $cookie = new CGI::Cookie(-name='name', -value=$name, -expires='+6M'); But, I've found out that when IE creates the cookie, it creates it as a hidden file, so when I come around and fetch it, it can't find the cookie and hangs. But, I saw some cookies that weren't hidden. The list just got bigger once I told windows to how hidden files. So, my question is, how can I create the cookie in such a way that it isn't hidden? I couldn't find it in the docs I looked through. thanks, Denzil __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: Clearing cookies
Okay, never mind. There was an error elsewhere in my code. Denzil --- Denzil Kruse [EMAIL PROTECTED] wrote: I'm still having a problem clearing the cookie, or at least with the browser realizing it has been cleared. What happens is this: The cookie is set, and my program behaves as it is supposed to. When I decide to clear it, I do it and display a form which will recreate the cookie once the form is filled out and the submit button is pushed. So it clears the cookie and displays the form. I look under C:\Documents and Settings\Owner\Cookies on my local computet running the browser, and I see the cookie disappear. But when I press the button on the form once, the browser behaves as if the cookie is still set. If I then press the button a second time, it behaves as if the cookie isn't there (correctly). I do have an apache rewrite rule in effect, maybe that is causing it to have to do it twice? Denzil Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Clearing cookies
Hi all, I'm trying to clear a cookie using CGI::Cookies, and can't seem to do it :( if ($clear_cookie eq 'yes') { my %cookies = fetch CGI::Cookie; print getting cookiebr; if ($cookies{'id'}) { print clearing cookiebr; $cookies{'id'}-expires('-1s'); print cleared cookiebr; } } I'm getting the cleard cookie message, but it is still there. Denzil Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: Clearing cookies
Denzil Kruse wrote: Hi all, I'm trying to clear a cookie using CGI::Cookies, and can't seem to do it :( if ($clear_cookie eq 'yes') { my %cookies = fetch CGI::Cookie; print getting cookiebr; if ($cookies{'id'}) { print clearing cookiebr; $cookies{'id'}-expires('-1s'); print cleared cookiebr; } } I'm getting the cleard cookie message, but it is still there. Denzil To clear the cookie in the user's client (browser) you have to set the cookie again by printing it in the response headers. You are only setting the local expiration, to have that maintained across the rest of the session you have to tell the browser about it, which is done by passing it back as if you were setting it initially. HTH, http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: Problem in reading cookies
Mallik ha scritto: Hi All, I have an perl script that reads cookies. In one system it is able to read the cookies properly. But the same is not working in another system. Browsers and their versions are same in both systems. I even set the browser properties same in both the systems. You mean accept cookies and such ? Then I printed the environment variables in that script. The variable HTTP_COOKIE is printed in first system but not in the other system (where it is not able to read the cookies). What could be the reason for this? Any help in this is greatly appreciated. Thanks Regards, Mallik. You should supply more information to help somebody help you. Marcello -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
RE: Problem in reading cookies
Hi Marcello, Here is the detailed info. We have two applications. One applications sets the value of the cookie and the 2nd application reads that cookie's value. When I execute the first application in 2 systems, the cookie is being set in first system, but not in the 2nd system. That's why the 2nd application is not able to read the cookies in the 2nd system. The browser is IE 6.0 and the settings are same in both the systems. We are not able to trace the problem. Any help in this regard is greatly appreciated. Hope I have given required information. Thanks, Mallik. -Original Message- From: Marcello [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 02, 2005 1:51 PM To: Mallik Cc: beginners@perl.org Subject: Re: Problem in reading cookies Mallik ha scritto: Hi All, I have an perl script that reads cookies. In one system it is able to read the cookies properly. But the same is not working in another system. Browsers and their versions are same in both systems. I even set the browser properties same in both the systems. You mean accept cookies and such ? Then I printed the environment variables in that script. The variable HTTP_COOKIE is printed in first system but not in the other system (where it is not able to read the cookies). What could be the reason for this? Any help in this is greatly appreciated. Thanks Regards, Mallik. You should supply more information to help somebody help you. Marcello -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Problem in reading cookies
Hi All, I have an perl script that reads cookies. In one system it is able to read the cookies properly. But the same is not working in another system. Browsers and their versions are same in both systems. I even set the browser properties same in both the systems. Then I printed the environment variables in that script. The variable HTTP_COOKIE is printed in first system but not in the other system (where it is not able to read the cookies). What could be the reason for this? Any help in this is greatly appreciated. Thanks Regards, Mallik. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Problem in reading cookies
Hi All, I have an perl script that reads cookies. In one system it is able to read the cookies properly. But the same is not working in another system. Browsers and their versions are same in both systems. I even set the browser properties same in both the systems. Then I printed the environment variables in that script. The variable HTTP_COOKIE is printed in first system but not in the other system (where it is not able to read the cookies). What could be the reason for this? Any help in this is greatly appreciated. Thanks Regards, Mallik. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Help with cookies
Does anyone know if I should be able to write a cookie like : snip $secure{USER}=$user-{USER_ID}; $secure{LEVEL}=$REQUEST{LEVEL}; %{$secure{USER_CATEGORIES}}=%USER_CATEGORIES; %{$secure{USER_ACCOUNTS}}=%USER_ACCOUNTS; @[EMAIL PROTECTED]; my $my_cookie = $q-cookie(-name='TechDirect', -value=\%secure, -expires='+10h'); print $q-header({-type=text/html, -target='toolbar', -cookie=$my_cookie}); /snip When I return the cookie I don't appear to have the USER_CATEGORIES USER_ACCOUNTS plus USER_GROUP is null but is an array reference... The scalar values return OK... jwm -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: Help with cookies
Dear John, It is likely that you cannot store complex datastructures in cookies. (at least how the CGI module is currently written). You could try encoding the data to a string. Jonathan Paton -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
RE: Help with cookies
Dear John, It is likely that you cannot store complex datastructures in cookies. (at least how the CGI module is currently written). You could try encoding the data to a string. Jonathan Paton [jwm] Thank you for the Dear John letter ;-)... I was afraid that may be the answer I got... but wanted to check before starting down another path... Thanks for the reply... jwm -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: Help with cookies
Does anyone know if I should be able to write a cookie like : snip $secure{USER}=$user-{USER_ID}; $secure{LEVEL}=$REQUEST{LEVEL}; %{$secure{USER_CATEGORIES}}=%USER_CATEGORIES; %{$secure{USER_ACCOUNTS}}=%USER_ACCOUNTS; @[EMAIL PROTECTED]; my $my_cookie = $q-cookie(-name='TechDirect', -value=\%secure, -expires='+10h'); print $q-header({-type=text/html, -target='toolbar', -cookie=$my_cookie}); /snip When I return the cookie I don't appear to have the USER_CATEGORIES USER_ACCOUNTS plus USER_GROUP is null but is an array reference... The scalar values return OK... You need to learn to write little test programs to See What's Really Happening BEFORE you ask the list. .. BEGIN PERL PROGRAM .. #!/usr/bin/perl use strict; use warnings; use CGI; use Data::Dumper; my %secure; $secure{USER} = 123; $secure{LEVEL} = 'exulted'; %{$secure{USER_CATEGORIES}} = ( metal = 'rusty', fruit = 'citrus' ); @{$secure{USER_GROUPS}} = ( 10, 20, 30 ); warn Dumper \%secure; my $query = new CGI; my $cookie = $query-cookie (-name = 'cookie', -value = \%secure ); warn Dumper $cookie; warn $cookie-as_string; ... END PERL PROGRAM ... Produces the output (interspersed with commentary) lawrence /tmp perl test.pl $VAR1 = { 'USER_CATEGORIES' = { 'fruit' = 'citrus', 'metal' = 'rusty' }, 'LEVEL' = 'exulted', 'USER_GROUPS' = [ 10, 20, 30 ], 'USER' = 123 }; Okay -- here we see the secure hashref -- looks good. $VAR1 = bless( { 'value' = [ 'USER_CATEGORIES', { 'fruit' = 'citrus', 'metal' = 'rusty' }, 'LEVEL', 'exulted', 'USER_GROUPS', [ 10, 20, 30 ], 'USER', 123 ], 'name' = 'cookie', 'path' = '/' }, 'CGI::Cookie' ); And, it got promoted into a cookie pretty well ... cookie=USER_CATEGORIESHASH%280x12afe8%29LEVELexultedUSER_GROUPSARRAY%280x21d24c%29USER123; path=/ at test.pl line 25. Ahhh, but here we see where it's failing (and by the way, John Paton is right: You Just Can't Do That) Basically: A cookie can have as it's value either a scalar, or a single list of scalars. (Which you can choose to pass in as a listref or a hashref, keeping in mind the relationship bewteen hash constructors and lists ) -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Lawrence Statton - [EMAIL PROTECTED] s/aba/c/g Computer software consists of only two components: ones and zeros, in roughly equal proportions. All that is required is to sort them into the correct order. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
RE: Help with cookies
Moon, John wrote: Does anyone know if I should be able to write a cookie like : [ snip complex data structure ] You can do this if you serialize the complex structure into a scalar and then deserialize it when you read the cookie back. For an example of how to do this see the module Apache::Session::Serialize::Base64. It uses Storable and MIME::Base64 to do the serialization. There are various other serialization modules on CPAN you might look into... -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: Help with cookies
Moon, John wrote: Does anyone know if I should be able to write a cookie like : [ snip complex data structure ] You can do this if you serialize the complex structure into a scalar and then deserialize it when you read the cookie back. For an example of how to do this see the module Apache::Session::Serialize::Base64. It uses Storable and MIME::Base64 to do the serialization. There are various other serialization modules on CPAN you might look into... This entire thread segueues nicely to a discussion on what should you keep in a cookie? Lawrence's Cookie Dogma #1: Any site that has more than one opaque identifier per user is B-R-O-K-E-N. ESPECIALLY sites that keep lots and lots of state in a cookie. Exceptions to LCD#1 include: Yeah, yeah, I know -- sometimes site operators install some 3d party thing that needs it's OWN opaque identifier, and then they find they have seven of these 3d party modules, each with its own identity cookie ... Some advantages to having state kept on the server side: 1 - I can connect from any computer in the world and my preferences and state follow me. This is ESPECIALLY important for markets outside the US, where some large fraction do all their web-surfing from public-access computers. 2 - The amount of data you can safely store in a cookie is browser dependent and variable. 3 - ALL cookie data (barring some clever hacks with paths) is transmitted with EVERY request, increasing overall site latency. Imagine how long it takes to send a dozen cookies of a few hundred bytes each with EVERY request when the user is on a severely asymmetrical connection. Now, multiply that delay through the eleventy-three indivisual graphic elements on each of your pages, and keep that in mind when the marketing people come ask you why so many users only get one layer deep in the click-path. 4 - If the day comes, that you decide NOT to use cookies at all for state, for marketing reasons[1], you're going to have to solve this problem again. Footnotes: [1] I actually think cookie paranoia is misplaced, and would love to see users educated -- but The Client Is Always Right, and if they say Our industry demands no cookies then so be it. There are other ways of keeping state, use them when you must. -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Lawrence Statton - [EMAIL PROTECTED] s/aba/c/g Computer software consists of only two components: ones and zeros, in roughly equal proportions. All that is required is to sort them into the correct order. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
setting more than 1 -domain= in cookies
Hello all, I have a perl script that I am using to write a cookie: my $cookie = new CGI::Cookie(-name='usrID', -value=$usrID, -expires='+4h', -domain='.mydomain.com', -path='/'); ## send cookie print Set-Cookie: $cookie\n; What I want to know is the a way of setting more than 1 domain ??? ie: -domain='.mydomain.com, .mydomain2.com' for example ??? I am still trying to figure out why i cant read cookies when my perl scripts are taken into a frame ??? My perl scripts are on 1 domain and my framset is on another - there must be a way around this ?? thanks again for your help Anadi
Cookies and frames
Hello all, First a big thanks for all your help - its been invaluable and helpful with my education. Perl rocks and it has been made easier to learn because of this forum :-) OK - Now for my question. I have created a shopping cart (using perl of course :-) ) and it works fine until I put the pages into an HTML FRAME. This is a real bummer because I thought I had it sussed. The problem seems to be with getting cookies while my page is in a frameset - has anyone else had this problem and how do i get around this thanks again Anadi
Re: setting more than 1 -domain= in cookies
Hello all, I have a perl script that I am using to write a cookie: What I want to know is the a way of setting more than 1 domain ??? ie: -domain='.mydomain.com, .mydomain2.com' for example ??? Nope -- the underlying HTTP specification allows for only one domain. At this point, it would behoove you to dump all of the headers for each inbound request into a log file somewhere, and all the headers for each outbound response as well, to see where the problem lies: Are you offering correctly formatted cookies in the appropriate part of the header? Is the client not OFFERING the cookies, or are you failing to select them correctly from the environment. The simple expedient of adding: warn $query-http('HTTP_COOKIE'); (assuming your CGI object is called $query) will give you a list of all the cookies that have been offered by the browser. That should help you in tracking down problems. I would also speculate (wildly) that a cookie header in a frame document inside a frameset may take a divergent path in different clients, leading to hair-rending bugs of the form It seems to work on explodobrowser 1.77 but fails miserably on versions 1.52 or 2.09 (I tested using Firefox 1.0 and it worked fine .. YMMV) Finally, totally unrelated to platform, you're going to (sooner or later) hit cookie-paranoia amongst your users -- there are a lot of tinfoil-hat people stuck in 1999. Have you considered some OTHER technique for maintaining a session identifier. With Apache and mod_perl, it is rather easy (There's a considerable amount of example in the Apache book) to embed a state variable in the URL (I elected to put mine near the root). Another kettle of fish altogether. (The only reason I bring this up: You're going to spend a lot of effort to debug your cookie problem, perhaps to find later that some large segement of your population doesn't permit cookies). -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Lawrence Statton - [EMAIL PROTECTED] s/aba/c/g Computer software consists of only two components: ones and zeros, in roughly equal proportions. All that is required is to sort them into the correct order. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Cookies
Im trying to make a script that will login to my Pitas blog and then post an entry. I seem to be having problems with the cookies. The script is: #!/usr/bin/perl use HTTP::Request::Common qw(POST); use LWP::UserAgent; use HTTP::Cookies; #Get needed info print 'Login: '; $uname = STDIN; print 'Password: '; $pass = STDIN; print 'Date: '; $date = STDIN; print 'Time: '; $time = STDIN; print 'Title: '; $pagename = STDIN; print 'Entry: '; $entry = STDIN; $cookie_jar = HTTP::Cookies-new(); $login = LWP::UserAgent-new(); my $reql = POST 'http://www.pitas.com/cgi-bin/login.phtml', [ 'username' = $uname, 'password' = $pass, 'remember_me' = 'no' ]; $responsel = $login-request($reql); $addent = LWP::UserAgent-new(); my $requ = POST 'http://www.pitas.com/cgi-bin/update.phtml', [ 'date' = $date, 'time' = $time, 'url' = '#', 'pagename' = $pagename, 'entry' = $entry ]; $cookie_jar-add_cookie_header($requ); $cookie_jar-extract_cookies($responsel); $addent-request($requ); exit; -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Cookies
Im trying to make a script that will login to my Pitas blog and then post an entry. I seem to be having problems with the cookies. The script is: #!/usr/bin/perl use HTTP::Request::Common qw(POST); use LWP::UserAgent; use HTTP::Cookies; #Get needed info print 'Login: '; $uname = STDIN; print 'Password: '; $pass = STDIN; print 'Date: '; $date = STDIN; print 'Time: '; $time = STDIN; print 'Title: '; $pagename = STDIN; print 'Entry: '; $entry = STDIN; $cookie_jar = HTTP::Cookies-new(); $login = LWP::UserAgent-new(); my $reql = POST 'http://www.pitas.com/cgi-bin/login.phtml', [ 'username' = $uname, 'password' = $pass, 'remember_me' = 'no' ]; $responsel = $login-request($reql); $addent = LWP::UserAgent-new(); my $requ = POST 'http://www.pitas.com/cgi-bin/update.phtml', [ 'date' = $date, 'time' = $time, 'url' = '#', 'pagename' = $pagename, 'entry' = $entry ]; $cookie_jar-add_cookie_header($requ); $cookie_jar-extract_cookies($responsel); $addent-request($requ); exit; -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
RE: more cookies in perl and asp
Anadi, are the Perl scripts and the ASPs on the same server (webhost, not machine!)? In the same directory? Maybe you have to specify the domain when creating the cookie. Jenda Hello Jenda, Both the perl scripts and the asp's are run on the same server BUT the asp's are run from a different folder from the perlscripts. I have just specified the domain in my cookie: $usrID = createUsrID(); ## create cookie my $cookie = new CGI::Cookie(-name='usrID', -value=$usrID, -expires='+2h', -domain='.mydomain.com', -path='/'); ## send cookie print Set-Cookie: $cookie\n; And I can now read this cookie with my asp script :-) usrID = Request.cookies(usrID) Thank you for your help :-) Anadi
more cookies in perl and asp
Thanks for your reply, I am going to re-write my problem; I am creating a cookie in perl script: $usrID = createUsrID(); ## create cookie my $cookie = new CGI::Cookie(-name='usrID',-value=$usrID); ## send cookie print Set-Cookie: $cookie\n; and then I am trying to recall that cookie in an asp script: usrID = Request.Cookies(usrID) but the asp script doesnt see the cookie. I can recall the same cookie again later in a perl script so I know it exists. What am I doing wrong Surely what I am trying to do is possible Thanks again Anadi I'm not sure I understand your question. ASP provides objects to enable server side scripts to produce web pages. Those scripts can be written in any sever side scripting language including perlscrpt, VBscript, and Jscript. You can retrieve cookies in the ASP environment using the Cookies method of the Response object. This page walks you through an example. : Hi all, : I have a problem that I am hoping someone can shed some : light on. I have written a cookie in perl and what I want : to do is read the cookie back but in an asp script. I can : read the cookie back in other perl scripts but the asp : script doesnt see it. Why is this and is there anyway : around it ??
RE: more cookies in perl and asp
A Taylor [EMAIL PROTECTED] wrote: : Thanks for your reply, I am going to re-write my problem; : I am creating a cookie in perl script: : : $usrID = createUsrID(); : ## create cookie : my $cookie = new CGI::Cookie(-name='usrID',-value=$usrID); A cookie without an expiration is a session cookie. : ## send cookie print Set-Cookie: $cookie\n; : : and then I am trying to recall that cookie in an asp script: : : usrID = Request.Cookies(usrID) I believe session cookies are dumped into the Session object by ASP. Try using this. usrID = Session(usrID) HTH, Charles K. Clarkson -- Mobile Homes Specialist 254 968-8328 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
RE: more cookies in perl and asp
From: Charles K. Clarkson [EMAIL PROTECTED] A Taylor [EMAIL PROTECTED] wrote: : Thanks for your reply, I am going to re-write my problem; : I am creating a cookie in perl script: : : $usrID = createUsrID(); : ## create cookie : my $cookie = new CGI::Cookie(-name='usrID',-value=$usrID); A cookie without an expiration is a session cookie. : ## send cookie print Set-Cookie: $cookie\n; : : and then I am trying to recall that cookie in an asp script: : : usrID = Request.Cookies(usrID) I believe session cookies are dumped into the Session object by ASP. Try using this. usrID = Session(usrID) Nope. These cookies would be in Request.Cookies just like the ones with expiration. Anadi, are the Perl scripts and the ASPs on the same server (webhost, not machine!)? In the same directory? Maybe you have to specify the domain when creating the cookie. Jenda = [EMAIL PROTECTED] === http://Jenda.Krynicky.cz = When it comes to wine, women and song, wizards are allowed to get drunk and croon as much as they like. -- Terry Pratchett in Sourcery -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
cookies in perl and asp
Hi all, I have a problem that I am hoping someone can shed some light on. I have written a cookie in perl and what I want to do is read the cookie back but in an asp script. I can read the cookie back in other perl scripts but the asp script doesnt see it. Why is this and is there anyway around it ?? thanks for your help :-) Anadi
RE: cookies in perl and asp
A Taylor [EMAIL PROTECTED] wrote: : Hi all, : I have a problem that I am hoping someone can shed some : light on. I have written a cookie in perl and what I want : to do is read the cookie back but in an asp script. I can : read the cookie back in other perl scripts but the asp : script doesnt see it. Why is this and is there anyway : around it ?? I'm not sure I understand your question. ASP provides objects to enable server side scripts to produce web pages. Those scripts can be written in any sever side scripting language including perlscrpt, VBscript, and Jscript. You can retrieve cookies in the ASP environment using the Cookies method of the Response object. This page walks you through an example. http://www.w3schools.com/asp/asp_cookies.asp You can find more examples of ASP and cookies at Google. http://www.google.com/search?q=ASP+cookies HTH, Charles K. Clarkson -- Mobile Homes Specialist 254 968-8328 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
HELLLLLP! COOKIES ARE DRIVING ME INSAAAAAAAAAAANE!
Howdy - I'm having some trouble deleting a cookie using CGI::Cookie. Here is the code I'm using to do this. Note this is in a module, so I have written wrappers for the CGI::Cookie Set/Get functionality. However, this is test code, so it's being accessed in it's own namespace. I know that this code writes cookies. But, I cannot seem to modify the properties of an existing cookie. use strict; use CGI qw/:standard/; use CGI::Cookie; my $name = 'Johnny'; my $cookie = GetCookie($name); if ($cookie) { # Set the 'expires' attribute to -1M $cookie = DeleteCookie($name); # If the cookie object is returned, print its new properties if ($cookie) { print $h_self{cgi}-header(-cookie=$cookie); print qq[Just set the cookie to be deleted. These are the properties:br /]; print -name is . $cookie-name .br /; print -value is . $cookie-value .br /; print -expires is . $cookie-expires .br /; print -path is . $cookie-path .br /; print -domain is . $cookie-domain .br /; print -secure is . $cookie-secure .br /; print qq[Close the browser and look in the cookies folderbr /]; } # If the cookie was not returned, there was a problem. else { print $h_self{cgi}-header; print qq[Something has gone completely wrong here!]; } } sub GetCookie { my ($name) = @_; my %h_cookies = fetch CGI::Cookie(); (exists $h_cookies{$name})?return $h_cookies{$name}:return 0; } sub DeleteCookie { my ($name) = @_; # Get the cookie my $cookie = GetCookie($name); # Set the expiration date to delete cookie $cookie = SetCookieProp($name,'expires','-1M'); ($cookie)?return $cookie:return 0; } sub SetCookieProp { my ($name, $prop, $value) = @_; # Get the cookie my $cookie = $hr_self-GetCookie($name); # Set the named property to the new value $cookie-$prop($value); ($cookie)?return $cookie:return 0; } Ron Goral Up On The Mountain Design Group Custom solutions for your database driven web site. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Cookies v. Hiddent Fields
What is the difference (as far as security goes) between using a cookie and a hidden field? Are hidden fields cached if we are using SSL? I think not. If I use a GUID as a session ID in my database and store the GUID in a hidden field and the user sees the GUID in some GET parameters, is this of any consequence? Someone recommend that I don't persist cookies. How do I not persist cookies? Thanks, Siegfried
Re: Cookies v. Hiddent Fields
What is the difference (as far as security goes) between using a cookie and a hidden field? Are hidden fields cached if we are using SSL? I think not. None. Both are wide open. SSL simply encrypts the pipe between your server and the client (browser). Everything passing over it, including cookies and hidden fields, is encrypted, or not if SSL is not employed. I like the pipe analogy, think of everything that goes from the browser to the server (and since both cookies and hidden fields are client side until the client calls to the server) as traveling over a clear pipe. So if you can see into the pipe, then you can see everything. Then picture SSL as a wrapper around the pipe, it prevents you seeing *everything* traveling over the pipe, so then it is up to you to make sure the connections at either end work (aka browser supports SSL, server does too, and they have decided to use the covered pipe instead of the clear one). If I use a GUID as a session ID in my database and store the GUID in a hidden field and the user sees the GUID in some GET parameters, is this of any consequence? Depends on what the GUID is made of. Did my other write up of the authentication idiom not help? work? or the modules suggested by the other poster? Someone recommend that I don't persist cookies. How do I not persist cookies? They shouldn't persist by default, it is usually a question of how do I make them persist, whic his covered very clearly here: http://search.cpan.org/~lds/CGI.pm-3.05/CGI.pm#HTTP_COOKIES http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: Cookies v. Hiddent Fields
From: Siegfried Heintze [EMAIL PROTECTED] What is the difference (as far as security goes) between using a cookie and a hidden field? Are hidden fields cached if we are using SSL? I think not. Both have the same security. A hidden field is simpler to be viewd by a user, but a cracker can see them both. If I use a GUID as a session ID in my database and store the GUID in a hidden field and the user sees the GUID in some GET parameters, is this of any consequence? No, no problem, but it depends how you define that hidden field. For exemple, don't use as hidden fields autoincreasing numbers but always use random strings. Someone recommend that I don't persist cookies. How do I not persist cookies? Don't put an expiration date and they will not be persistent. Teddy -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
redirecting and setting cookies with CGI.pm
Is there a way to use redirect() *and* set cookies like with header()? -- Andrew Gaffney Network Administrator Skyline Aeronautics, LLC. 636-357-1548 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: redirecting and setting cookies with CGI.pm
Andrew Gaffney wrote: Is there a way to use redirect() *and* set cookies like with header()? Nevermind, I just added -status='302 Found', -Location='http://somesite.com/somepage.html' to my header() call. -- Andrew Gaffney Network Administrator Skyline Aeronautics, LLC. 636-357-1548 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Writing custom cookies using LWP::UserAgent
I am having LWP::UserAgent fetch information from a site that uses Javascript to write a cookie like this: document.cookie = jscript=1; path=/;; Is there any way to tell my User Agent to add that cookie to the cookie jar? Thanks, Dan -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
RE: Writing custom cookies using LWP::UserAgent
I am having LWP::UserAgent fetch information from a site that uses Javascript to write a cookie like this: document.cookie = jscript=1; path=/;; Is there any way to tell my User Agent to add that cookie to the cookie jar? I had to do something similar, and rather than mess with the cookie jar, I did this: $r-header('Host' = 'www.hzcu.org', 'Keep-Alive' = '300', 'Connection' = 'keep-alive', 'Referer' = 'https://www.hzcu.org/onlineserv/HB/Signon.cgi', 'Cookie' = 'signonValid=TRUE; path=/'); $r is an HTTP::Request object. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
cookies and character sets
After months of trouble free operation, a shopping cart I wrote is having cookie trouble with browsers in Israel. I'm setting cookies using CGI.pm in the standard way. I'm assuming that folks in Israel may not use iso-8859-1. Has anyone had problems with cookies not being read when encountering different character sets? Other ideas? Regards, Andrew -- Andrew Brosnan - Broscom LLC - 1 603 447 6000 [EMAIL PROTECTED] - http://www.broscom.com Websites, Hosting, Programming, Consulting -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/ http://learn.perl.org/first-response
Re: Is it possible to send / receive cookies on an image
In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Dan Anderson) writes: Is it possible to create a perl script that would send to the user an image and cookies. Depending on the cookie on the users computer, the user would get a certain picture. I figure I would have to use CGI, but what else, if anything, would I need to do? Not much. You just have to override the default content type in the header: print header(-type='image/gif'); and to send a cookie in the usual way: $cookie = cookie(...); print header(-cookie = $cookie); Putting 'em together: use CGI qw(header cookie); $cookie = cookie(...); print header(-cookie = $cookie, -type='image/gif'); Search through the CGI.pm documentation for the ... and take more questions to beginners-cgi. -- Peter Scott http://www.perldebugged.com/ *** NEW *** http//www.perlmedic.com/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Is it possible to send / receive cookies on an image
Is it possible to create a perl script that would send to the user an image and cookies. Depending on the cookie on the users computer, the user would get a certain picture. I figure I would have to use CGI, but what else, if anything, would I need to do? Thanks in advance, -Dan -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Is it possible to send / receive cookies on an image
On Monday, Nov 17, 2003, at 14:33 US/Pacific, Dan Anderson wrote: Is it possible to create a perl script that would send to the user an image and cookies. Depending on the cookie on the users computer, the user would get a certain picture. I figure I would have to use CGI, but what else, if anything, would I need to do? since you are about to stumble into the land of [EMAIL PROTECTED] yes, they too have a mailing list. My recommendations on reading material for CGI work is at: http://www.wetware.com/drieux/CS/Proj/TPFH/gen_doc.html Most of them you will just want to buy, and curl up with in bed until you understand all of the DOM's, and the oddities of HTML, javascript, etc. A part of what you will ultimately want to feel at home with is mostly in the CGI.pm module - but you might want to deal with things like: http://search.cpan.org/~jerlbaum/CGI-Application-3.1/Application.pm which I have merely played around with. if you have the time, play around with http://search.cpan.org/modlist/World_Wide_Web/ Hope that Helps. ciao drieux --- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cookies
I'm not a guru... ;-P But I was in a similar situation some months ago. First of all I would tell Alejandro not to send Username-Password with the cookie, but a Session ID, but I arrived late. There are two modules (at least I only know them) to handle sessions with cookies. Apache::Session and CGI::Session Even been them complete solutions (I think so, I haven't really used them), not all systems support them, that's my case, my web host doesn't has any of them installed (That's because I haven't used them). My suggestion is to create sessions, using cookies and generating the ID as described in the previous message (not mine). But in Alex situation he might want to give access only to the Administrator, wich makes things easier. I am not sure right now, but I believe that I found useful hints in an online course, from Ovid Check this link http://users.easystreet.com/ovid/cgi_course/ -rm- - Original Message - From: Wiggins d'Anconia [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, September 20, 2003 10:24 AM Subject: Re: Cookies Alejandro Chavarria - CyPage wrote: Thanks for your reply Wiggins d'Anconia. I understand the part about just setting the cookie to an empty value, but I don't understand the part about the secret key and a check failing. Could you explain further? When would this happen: initially setting the cookie's value, or everytime you check the cookie to see if the username and password are correct? Remember to group reply so everyone can help and be helped. Essentially you would take the username and password once, at that time you create a hashed value of some user information such as an id # or the username if you want, etc. and any other information you want, IP and expiration time, plus a secret key, basically any phrase that your site knows that no one else does. (insert rant about how that is not secure because anyone with access to the code can see it, blah blah blah...) and you hash the values together (check out Digest::MD5 or Digest:SHA1 for two good hashing modules, I prefer the second for other reasons). Then each time you want to verify the user is who they say they are you take the information they provide (aka their username or id as mentioned above) and the hash you generated above which can be stored in teh same cookie and then you create the hash in the same manner as before and check to see that the hashes match. (There is a much better explanation on this with code samples in the O'Reilly Apache Modules with Perl and C book.) It is *very difficult* (nothing is completely secure) for the user to create a hash that will be authentic based only on the knowledge they have, aka what the cookie looks like and what their user id is. They could guess that you are using a hash of something fairly easily, and that if their user id is 245 that there is probably user ids 1-244 but they can't guess your secret passphrase so to recreate a hash is nearly impossible. This also prevents the need to be passing the username/password around other than on initial login, and is much better than simply setting a single cookie and checking for its existence for obvious reasons. Examples: # # Method to generate authentication cookie # use Digest::SHA1; sub authentication_string { my $self = shift; my $uid = $self-id; my $time = time; my $expires = 2592000; my $data = join(':', CONFIG_AUTH_KEY, $time, $expires, $uid); my $hash = Digest::SHA1::sha1_hex($data); return uid=$uid time=$time expires=$expires hash=$hash; } The above code assumes a 'User' object with an instance method of 'id' that returns the user's id, and a constant CONFIG_AUTH_KEY that contains the site's secret key. I leave the method for validating the authentication to the reader (mostly because mine has lots of non-standard error checking in it). Thoughts/comments from any of the gurus? http://danconia.org -Original Message- From: Wiggins d'Anconia [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 6:17 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cookies On Wed, 17 Sep 2003 20:33:00 -0800, Alejandro Chavarria - CyPage [EMAIL PROTECTED] wrote: Hey, I have a script and I want to allow an administrator log on to it. Once logged in they can change things... etc. Basically stuff I don't want other people to be able to do. I have decided that cookies is the best way to go. I've been looking and looking on the internet for a way to add a logout button in the script that will delete the cookie that has the username and password so they are essentially logged out. I have read that you can fill in the expires field in with 1. a date in the past (ie. -1d) or 2. the word now. I have heard about problems with both these methods. What do you
RE: Cookies
Thanks. I will try that. Alex -Original Message- From: Wiggins d'Anconia [mailto:[EMAIL PROTECTED] Sent: Saturday, September 20, 2003 7:24 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Cookies Alejandro Chavarria - CyPage wrote: Thanks for your reply Wiggins d'Anconia. I understand the part about just setting the cookie to an empty value, but I don't understand the part about the secret key and a check failing. Could you explain further? When would this happen: initially setting the cookie's value, or everytime you check the cookie to see if the username and password are correct? Remember to group reply so everyone can help and be helped. Essentially you would take the username and password once, at that time you create a hashed value of some user information such as an id # or the username if you want, etc. and any other information you want, IP and expiration time, plus a secret key, basically any phrase that your site knows that no one else does. (insert rant about how that is not secure because anyone with access to the code can see it, blah blah blah...) and you hash the values together (check out Digest::MD5 or Digest:SHA1 for two good hashing modules, I prefer the second for other reasons). Then each time you want to verify the user is who they say they are you take the information they provide (aka their username or id as mentioned above) and the hash you generated above which can be stored in teh same cookie and then you create the hash in the same manner as before and check to see that the hashes match. (There is a much better explanation on this with code samples in the O'Reilly Apache Modules with Perl and C book.) It is *very difficult* (nothing is completely secure) for the user to create a hash that will be authentic based only on the knowledge they have, aka what the cookie looks like and what their user id is. They could guess that you are using a hash of something fairly easily, and that if their user id is 245 that there is probably user ids 1-244 but they can't guess your secret passphrase so to recreate a hash is nearly impossible. This also prevents the need to be passing the username/password around other than on initial login, and is much better than simply setting a single cookie and checking for its existence for obvious reasons. Examples: # # Method to generate authentication cookie # use Digest::SHA1; sub authentication_string { my $self = shift; my $uid = $self-id; my $time = time; my $expires = 2592000; my $data = join(':', CONFIG_AUTH_KEY, $time, $expires, $uid); my $hash = Digest::SHA1::sha1_hex($data); return uid=$uid time=$time expires=$expires hash=$hash; } The above code assumes a 'User' object with an instance method of 'id' that returns the user's id, and a constant CONFIG_AUTH_KEY that contains the site's secret key. I leave the method for validating the authentication to the reader (mostly because mine has lots of non-standard error checking in it). Thoughts/comments from any of the gurus? http://danconia.org -Original Message- From: Wiggins d'Anconia [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 6:17 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cookies On Wed, 17 Sep 2003 20:33:00 -0800, Alejandro Chavarria - CyPage [EMAIL PROTECTED] wrote: Hey, I have a script and I want to allow an administrator log on to it. Once logged in they can change things... etc. Basically stuff I don't want other people to be able to do. I have decided that cookies is the best way to go. I've been looking and looking on the internet for a way to add a logout button in the script that will delete the cookie that has the username and password so they are essentially logged out. I have read that you can fill in the expires field in with 1. a date in the past (ie. -1d) or 2. the word now. I have heard about problems with both these methods. What do you suggest? In general I would reset the cookie to the empty string with no expiration date, and then on the other end your check should be that the cookie exists *and* has a correct value. Then make the correct value very hard (because nothing is 100% secure) to figure out how to generate. In other words hash it with a secret key or some such that only the server has. So the cookie exists but the check fails, and as soon as the session ends the cookie is no longer stored. http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cookies
Alejandro Chavarria - CyPage wrote: Thanks for your reply Wiggins d'Anconia. I understand the part about just setting the cookie to an empty value, but I don't understand the part about the secret key and a check failing. Could you explain further? When would this happen: initially setting the cookie's value, or everytime you check the cookie to see if the username and password are correct? Remember to group reply so everyone can help and be helped. Essentially you would take the username and password once, at that time you create a hashed value of some user information such as an id # or the username if you want, etc. and any other information you want, IP and expiration time, plus a secret key, basically any phrase that your site knows that no one else does. (insert rant about how that is not secure because anyone with access to the code can see it, blah blah blah...) and you hash the values together (check out Digest::MD5 or Digest:SHA1 for two good hashing modules, I prefer the second for other reasons). Then each time you want to verify the user is who they say they are you take the information they provide (aka their username or id as mentioned above) and the hash you generated above which can be stored in teh same cookie and then you create the hash in the same manner as before and check to see that the hashes match. (There is a much better explanation on this with code samples in the O'Reilly Apache Modules with Perl and C book.) It is *very difficult* (nothing is completely secure) for the user to create a hash that will be authentic based only on the knowledge they have, aka what the cookie looks like and what their user id is. They could guess that you are using a hash of something fairly easily, and that if their user id is 245 that there is probably user ids 1-244 but they can't guess your secret passphrase so to recreate a hash is nearly impossible. This also prevents the need to be passing the username/password around other than on initial login, and is much better than simply setting a single cookie and checking for its existence for obvious reasons. Examples: # # Method to generate authentication cookie # use Digest::SHA1; sub authentication_string { my $self = shift; my $uid = $self-id; my $time = time; my $expires = 2592000; my $data = join(':', CONFIG_AUTH_KEY, $time, $expires, $uid); my $hash = Digest::SHA1::sha1_hex($data); return uid=$uid time=$time expires=$expires hash=$hash; } The above code assumes a 'User' object with an instance method of 'id' that returns the user's id, and a constant CONFIG_AUTH_KEY that contains the site's secret key. I leave the method for validating the authentication to the reader (mostly because mine has lots of non-standard error checking in it). Thoughts/comments from any of the gurus? http://danconia.org -Original Message- From: Wiggins d'Anconia [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 6:17 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Cookies On Wed, 17 Sep 2003 20:33:00 -0800, Alejandro Chavarria - CyPage [EMAIL PROTECTED] wrote: Hey, I have a script and I want to allow an administrator log on to it. Once logged in they can change things... etc. Basically stuff I don't want other people to be able to do. I have decided that cookies is the best way to go. I've been looking and looking on the internet for a way to add a logout button in the script that will delete the cookie that has the username and password so they are essentially logged out. I have read that you can fill in the expires field in with 1. a date in the past (ie. -1d) or 2. the word now. I have heard about problems with both these methods. What do you suggest? In general I would reset the cookie to the empty string with no expiration date, and then on the other end your check should be that the cookie exists *and* has a correct value. Then make the correct value very hard (because nothing is 100% secure) to figure out how to generate. In other words hash it with a secret key or some such that only the server has. So the cookie exists but the check fails, and as soon as the session ends the cookie is no longer stored. http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Cookies
On Wed, 17 Sep 2003 20:33:00 -0800, Alejandro Chavarria - CyPage [EMAIL PROTECTED] wrote: Hey, I have a script and I want to allow an administrator log on to it. Once logged in they can change things... etc. Basically stuff I don't want other people to be able to do. I have decided that cookies is the best way to go. I've been looking and looking on the internet for a way to add a logout button in the script that will delete the cookie that has the username and password so they are essentially logged out. I have read that you can fill in the expires field in with 1. a date in the past (ie. -1d) or 2. the word now. I have heard about problems with both these methods. What do you suggest? In general I would reset the cookie to the empty string with no expiration date, and then on the other end your check should be that the cookie exists *and* has a correct value. Then make the correct value very hard (because nothing is 100% secure) to figure out how to generate. In other words hash it with a secret key or some such that only the server has. So the cookie exists but the check fails, and as soon as the session ends the cookie is no longer stored. http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Cookies
Hey, I have a script and I want to allow an administrator log on to it. Once logged in they can change things... etc. Basically stuff I don't want other people to be able to do. I have decided that cookies is the best way to go. I've been looking and looking on the internet for a way to add a logout button in the script that will delete the cookie that has the username and password so they are essentially logged out. I have read that you can fill in the expires field in with 1. a date in the past (ie. -1d) or 2. the word now. I have heard about problems with both these methods. What do you suggest? Alex -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Test if browser's allows cookies/has them turned onetc..
Dan Muey wrote: -Original Message- From: Randal L. Schwartz [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Test if browser's allows cookies/has them turned onetc.. Dan == Dan Muey [EMAIL PROTECTED] writes: Dan As much as I hate to do stuff that requires cookies, there is a Dan project I'm doing that requires cookies. This should have been on [EMAIL PROTECTED] instead. More experts there about this stuff. Having said that, you should read my basic cookie management column at http://www.stonehenge.com/merlyn/WebTechniques/col61.html. I'm told that code was made into a module, but I can't seem to find that reference now. Cool, that's pretty much the method I was using so I guess I'm not crazy! I agree with your sentiments about cookies in the article. I try to avoid them when ever possible but this one app will require them, either that or I have to make sure the data is passed in every invokation of the script via link or form which might just be worth the trouble. YES!! It definitely is worth the trouble, and it is not that much trouble, if your routing is well-designed. I haven't used the CGI module much, but I can tell you that input type=hidden name=info_tag value=whatever is currently useful for this stage works quite well, and should be returned as $cgi_object-param{'nfo_tag'}. Much better than playing with your audience's file system. Joseph -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Test if browser's allows cookies/has them turned onetc..
Dan Muey wrote: -Original Message- From: Randal L. Schwartz [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Test if browser's allows cookies/has them turned onetc.. Dan == Dan Muey [EMAIL PROTECTED] writes: Dan As much as I hate to do stuff that requires cookies, there is a Dan project I'm doing that requires cookies. This should have been on [EMAIL PROTECTED] instead. More experts there about this stuff. Having said that, you should read my basic cookie management column at http://www.stonehenge.com/merlyn/WebTechniques/col61.html. I'm told that code was made into a module, but I can't seem to find that reference now. Cool, that's pretty much the method I was using so I guess I'm not crazy! I agree with your sentiments about cookies in the article. I try to avoid them when ever possible but this one app will require them, either that or I have to make sure the data is passed in every invokation of the script via link or form which might just be worth the trouble. YES!! It definitely is worth the trouble, and it is not that much trouble, if your routing is well-designed. I haven't used the CGI module much, but I can tell you that input type=hidden name=info_tag value=whatever is currently useful for this stage works quite well, and should be returned as $cgi_object-param{'nfo_tag'}. Much better than playing with your audience's file system. True, the only thing I can't seem to do is this: Say you have super duper shopping system, that passes shopperid=123456 around in every single form and link so that their cart and whatever info 123456 refers to is available. Now how can you have a link to the shopping cart from a static page unrelated to the cart, or what if your shopper leaves the site for soemthign else and comes back, or how could they shut their browser down and restart up again, all of those situations and still keep their info all along? Perhaps, pass the number around and if it is not available(IE one of the above situatios) check for a cookie and if there is no cookie try to set one and simply tell them they need cookies for their session to be remembered? Cool? Joseph -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Test if browser's allows cookies/has them turned onetc..
On Mon, 2003-09-08 at 16:11, Dan Muey wrote: Dan Muey wrote: -Original Message- From: Randal L. Schwartz [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Test if browser's allows cookies/has them turned onetc.. Dan == Dan Muey [EMAIL PROTECTED] writes: Dan As much as I hate to do stuff that requires cookies, there is a Dan project I'm doing that requires cookies. This should have been on [EMAIL PROTECTED] instead. More experts there about this stuff. Having said that, you should read my basic cookie management column at http://www.stonehenge.com/merlyn/WebTechniques/col61.html. I'm told that code was made into a module, but I can't seem to find that reference now. Cool, that's pretty much the method I was using so I guess I'm not crazy! I agree with your sentiments about cookies in the article. I try to avoid them when ever possible but this one app will require them, either that or I have to make sure the data is passed in every invokation of the script via link or form which might just be worth the trouble. YES!! It definitely is worth the trouble, and it is not that much trouble, if your routing is well-designed. I haven't used the CGI module much, but I can tell you that input type=hidden name=info_tag value=whatever is currently useful for this stage works quite well, and should be returned as $cgi_object-param{'nfo_tag'}. Much better than playing with your audience's file system. True, the only thing I can't seem to do is this: Say you have super duper shopping system, that passes shopperid=123456 around in every single form and link so that their cart and whatever info 123456 refers to is available. Now how can you have a link to the shopping cart from a static page unrelated to the cart, or what if your shopper leaves the site for soemthign else and comes back, or how could they shut their browser down and restart up again, all of those situations and still keep their info all along? Perhaps, pass the number around and if it is not available(IE one of the above situatios) check for a cookie and if there is no cookie try to set one and simply tell them they need cookies for their session to be remembered? Cool? Dan, Ever looked at HTML::Mason? Check out this article on how to display and hide session variables using httpd.conf (in conjunction with HTML::Mason of course). It's a great templating engine that runs on top of mod_perl. http://www.masonhq.com/user/adpacifico/ApacheSessionMason.html#uri%20tricks%20and%20mysql Also, the Mason Book is available online at http://www.masonbook.com HTH, Kevin -- K Old [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Test if browser's allows cookies/has them turned onetc..
-Original Message- From: Randal L. Schwartz [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Test if browser's allows cookies/has them turned onetc.. Dan == Dan Muey [EMAIL PROTECTED] writes: Dan As much as I hate to do stuff that requires cookies, there is a Dan project I'm doing that requires cookies. This should have been on [EMAIL PROTECTED] instead. More experts there about this stuff. Having said that, you should read my basic cookie management column at http://www.stonehenge.com/merlyn/WebTechniques/col61.html. I'm told that code was made into a module, but I can't seem to find that reference now. Cool, that's pretty much the method I was using so I guess I'm not crazy! I agree with your sentiments about cookies in the article. I try to avoid them when ever possible but this one app will require them, either that or I have to make sure the data is passed in every invokation of the script via link or form which might just be worth the trouble. YES!! It definitely is worth the trouble, and it is not that much trouble, if your routing is well-designed. I haven't used the CGI module much, but I can tell you that input type=hidden name=info_tag value=whatever is currently useful for this stage works quite well, and should be returned as $cgi_object-param{'nfo_tag'}. Much better than playing with your audience's file system. True, the only thing I can't seem to do is this: Say you have super duper shopping system, that passes shopperid=123456 around in every single form and link so that their cart and whatever info 123456 refers to is available. Now how can you have a link to the shopping cart from a static page unrelated to the cart, or what if your shopper leaves the site for soemthign else and comes back, or how could they shut their browser down and restart up again, all of those situations and still keep their info all along? Perhaps, pass the number around and if it is not available(IE one of the above situatios) check for a cookie and if there is no cookie try to set one and simply tell them they need cookies for their session to be remembered? Cool? Dan, Ever looked at HTML::Mason? Check out this article on how to display and hide session variables using httpd.conf (in conjunction with HTML::Mason of course). It's a great templating engine that runs on top of mod_perl. http://www.masonhq.com/user/adpacifico/ApacheSessionMason.html#uri%20tricks%20and%20mysql Also, the Mason Book is available online at http://www.masonbook.com HTH, Thanks for the idea, I'll look into it. I'm a bit leary of it though since the average Joe would have a hard time just ftping, chmoding, and running it. And if I'm not mistaken after they close their browser their data will be gone when they next open their browser, correct? If that's the case it seems like a lot less trouble to just pass the userid=123456 param around since you still have the sam eproblem of remembering them thet nect time they turn their computer on. Don't get me wrong I hat cookies too and definitely am aware of the security issues, I'm just trying to find a way to remember them if possible over multiple sessions. Without them having to log on. Thanks for the info! Dan -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WWW::Mechanize and Cookies
Hi all: Are these libs: WWW:: Mechanize and HTTP::Cookies in perl or mod_perl? -rkl Pablo Fischer writes: Hi! Im creating an script that checks for broken links. Im using this modules: use WWW::Mechanize; use HTTP::Cookies; What Im trying to do?, I need to login in a website (cause to check broken links I need to be loged). I also checked the cookies once I've loged and they're created, however, when I try to entrer another website I cant cause the website shows me a pretty message: Not Authorized. My Code: #El archivo en el que se guardan las cookies $cookies = /home/unmada/cookies.txt; #El objeto que va a estar escuchando las cookies $cookie = HTTP::Cookies-new( file = $cookies, ignore_discard = 1, autosave = 1); #$agent-cookie_jar($cookie); #El objeto que va a hacerla de navegador my $agent = WWW::Mechanize-new(agent = 'Mozilla/5.0', debug = 1); #La direccin que se va a visitar (la primera) my $url = http://cursos.itesm.mx/webapps/login;; #$agent-redirect_ok(); #Decirle al navegador que las cookies van a ser guardadas en el objeto cookie $agent-cookie_jar($cookie); #Cargamos la pgina $agent-get($url); #Mostramos el titulo de la pgina print $agent-title(),\n; #Buscamos el formulario que tiene el nombre de 'login' $agent-form(login); #Llenamos el campo de user_id $agent-field(user_id, username); #Llenamos el campo de password $agent-field(password, password); #Le damos ENTER $agent-submit(); Then to enter another website (in the same domain), I jsut: $agent-get(otherurl_of_the_same_domain); Thanks! Pablo -- Pablo Fischer Sandoval ([EMAIL PROTECTED]) http://www.pablo.com.mx http://www.debianmexico.org GPG FingerTip: 3D49 4CB8 8951 F2CA 8131 AF7C D1B9 1FB9 6B11 810C Firma URL: http://www.pablo.com.mx/firmagpg.txt -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WWW::Mechanize and Cookies
On Thu, 04 Sep 2003 00:39:55 -0700, rkl [EMAIL PROTECTED] wrote: Hi all: Are these libs: WWW:: Mechanize and HTTP::Cookies in perl or mod_perl? Written in or available in? Written in: Perl Available in: yes They are standard Perl modules, so whereever you can use a Perl module they are available. They are written in Perl (with possibly XS components). snip old messages http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: WWW::Mechanize and Cookies
mod_perl isn't a language, it is an application server. If the question is Is it mod_perl safe?, then that is a different question. I would think they are, both are OOP, and there is no state that I am aware of that is outside of the object properties. Rob -Original Message- From: rkl [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 3:40 AM To: perl Subject: Re: WWW::Mechanize and Cookies Hi all: Are these libs: WWW:: Mechanize and HTTP::Cookies in perl or mod_perl? -rkl Pablo Fischer writes: Hi! Im creating an script that checks for broken links. Im using this modules: use WWW::Mechanize; use HTTP::Cookies; What Im trying to do?, I need to login in a website (cause to check broken links I need to be loged). I also checked the cookies once I've loged and they're created, however, when I try to entrer another website I cant cause the website shows me a pretty message: Not Authorized. My Code: #El archivo en el que se guardan las cookies $cookies = /home/unmada/cookies.txt; #El objeto que va a estar escuchando las cookies $cookie = HTTP::Cookies-new( file = $cookies, ignore_discard = 1, autosave = 1); #$agent-cookie_jar($cookie); #El objeto que va a hacerla de navegador my $agent = WWW::Mechanize-new(agent = 'Mozilla/5.0', debug = 1); #La direccin que se va a visitar (la primera) my $url = http://cursos.itesm.mx/webapps/login;; #$agent-redirect_ok(); #Decirle al navegador que las cookies van a ser guardadas en el objeto cookie $agent-cookie_jar($cookie); #Cargamos la pgina $agent-get($url); #Mostramos el titulo de la pgina print $agent-title(),\n; #Buscamos el formulario que tiene el nombre de 'login' $agent-form(login); #Llenamos el campo de user_id $agent-field(user_id, username); #Llenamos el campo de password $agent-field(password, password); #Le damos ENTER $agent-submit(); Then to enter another website (in the same domain), I jsut: $agent-get(otherurl_of_the_same_domain); Thanks! Pablo -- Pablo Fischer Sandoval ([EMAIL PROTECTED]) http://www.pablo.com.mx http://www.debianmexico.org GPG FingerTip: 3D49 4CB8 8951 F2CA 8131 AF7C D1B9 1FB9 6B11 810C Firma URL: http://www.pablo.com.mx/firmagpg.txt -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Test if browser's allows cookies/has them turned onetc..
Howdy list, You know how some sites will say You need to enable cookies for this site to use this service As much as I hate to do stuff that requires cookies, there is a project I'm doing that requires cookies. I don't think you can set a cookie in a header then get the value of that cookie in the same execution of the script. So what I've done is, my $nocookies; if(!shouldhavecookie) { a) set the cookie header b) do a Location: header to $cgi-self_url with shouldhavecookie=1 appended else { a) fetch cookie b) if(cookie value not set) { turn on cookies freak! $nocookies = 1 } } if(!$nocookies) { do whatever it does` that needs cookies } Is there a better way to do that without having to do redirects? TIA Dan -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Test if browser's allows cookies/has them turned onetc..
Dan == Dan Muey [EMAIL PROTECTED] writes: Dan As much as I hate to do stuff that requires cookies, there is a Dan project I'm doing that requires cookies. This should have been on [EMAIL PROTECTED] instead. More experts there about this stuff. Having said that, you should read my basic cookie management column at http://www.stonehenge.com/merlyn/WebTechniques/col61.html. I'm told that code was made into a module, but I can't seem to find that reference now. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 [EMAIL PROTECTED] URL:http://www.stonehenge.com/merlyn/ Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Test if browser's allows cookies/has them turned onetc..
-Original Message- From: Randal L. Schwartz [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Test if browser's allows cookies/has them turned onetc.. Dan == Dan Muey [EMAIL PROTECTED] writes: Dan As much as I hate to do stuff that requires cookies, there is a Dan project I'm doing that requires cookies. This should have been on [EMAIL PROTECTED] instead. More experts there about this stuff. Having said that, you should read my basic cookie management column at http://www.stonehenge.com/merlyn/WebTechniques/col61.html. I'm told that code was made into a module, but I can't seem to find that reference now. Cool, that's pretty much the method I was using so I guess I'm not crazy! I agree with your sentiments about cookies in the article. I try to avoid them when ever possible but this one app will require them, either that or I have to make sure the data is passed in every invokation of the script via link or form which might just be worth the trouble. Except a user might link to it from outside the script and then not have their info available unless we attempt tossing our cookies. Thanks for the info! Dan -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
WWW::Mechanize and Cookies
Hi! Im creating an script that checks for broken links. Im using this modules: use WWW::Mechanize; use HTTP::Cookies; What Im trying to do?, I need to login in a website (cause to check broken links I need to be loged). I also checked the cookies once I've loged and they're created, however, when I try to entrer another website I cant cause the website shows me a pretty message: Not Authorized. My Code: #El archivo en el que se guardan las cookies $cookies = /home/unmada/cookies.txt; #El objeto que va a estar escuchando las cookies $cookie = HTTP::Cookies-new( file = $cookies, ignore_discard = 1, autosave = 1); #$agent-cookie_jar($cookie); #El objeto que va a hacerla de navegador my $agent = WWW::Mechanize-new(agent = 'Mozilla/5.0', debug = 1); #La dirección que se va a visitar (la primera) my $url = http://cursos.itesm.mx/webapps/login;; #$agent-redirect_ok(); #Decirle al navegador que las cookies van a ser guardadas en el objeto cookie $agent-cookie_jar($cookie); #Cargamos la página $agent-get($url); #Mostramos el titulo de la página print $agent-title(),\n; #Buscamos el formulario que tiene el nombre de 'login' $agent-form(login); #Llenamos el campo de user_id $agent-field(user_id, username); #Llenamos el campo de password $agent-field(password, password); #Le damos ENTER $agent-submit(); Then to enter another website (in the same domain), I jsut: $agent-get(otherurl_of_the_same_domain); Thanks! Pablo -- Pablo Fischer Sandoval ([EMAIL PROTECTED]) http://www.pablo.com.mx http://www.debianmexico.org GPG FingerTip: 3D49 4CB8 8951 F2CA 8131 AF7C D1B9 1FB9 6B11 810C Firma URL: http://www.pablo.com.mx/firmagpg.txt -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: :Mechanize and Cookies
I run into this a lot. There is JavaScript in the page, and you need to emulate that in your script. Look at the source HTML for the page. It takes the password and look like it Base 64 encodes the password, then sets a hidden form field named encoded_pw to the value. It then clears the password field before sending the data. You need to emulate this process in your script. After that I would think it would work. Rob -Original Message- From: Pablo Fischer [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 5:17 PM To: [EMAIL PROTECTED] Subject: WWW::Mechanize and Cookies Hi! Im creating an script that checks for broken links. Im using this modules: use WWW::Mechanize; use HTTP::Cookies; What Im trying to do?, I need to login in a website (cause to check broken links I need to be loged). I also checked the cookies once I've loged and they're created, however, when I try to entrer another website I cant cause the website shows me a pretty message: Not Authorized. My Code: #El archivo en el que se guardan las cookies $cookies = /home/unmada/cookies.txt; #El objeto que va a estar escuchando las cookies $cookie = HTTP::Cookies-new( file = $cookies, ignore_discard = 1, autosave = 1); #$agent-cookie_jar($cookie); #El objeto que va a hacerla de navegador my $agent = WWW::Mechanize-new(agent = 'Mozilla/5.0', debug = 1); #La dirección que se va a visitar (la primera) my $url = http://cursos.itesm.mx/webapps/login;; #$agent-redirect_ok(); #Decirle al navegador que las cookies van a ser guardadas en el objeto cookie $agent-cookie_jar($cookie); #Cargamos la página $agent-get($url); #Mostramos el titulo de la página print $agent-title(),\n; #Buscamos el formulario que tiene el nombre de 'login' $agent-form(login); #Llenamos el campo de user_id $agent-field(user_id, username); #Llenamos el campo de password $agent-field(password, password); #Le damos ENTER $agent-submit(); Then to enter another website (in the same domain), I jsut: $agent-get(otherurl_of_the_same_domain); Thanks! Pablo -- Pablo Fischer Sandoval ([EMAIL PROTECTED]) http://www.pablo.com.mx http://www.debianmexico.org GPG FingerTip: 3D49 4CB8 8951 F2CA 8131 AF7C D1B9 1FB9 6B11 810C Firma URL: http://www.pablo.com.mx/firmagpg.txt -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tell if cookies are enabled
Hello List, I'm trying to figure the best method to see if cookies are enabled before proceeding. So what I've done is this: METHOD 1: see if a certain cookie exists and if not set it then later on teste for the cookie again it will not be set because the headers just set it so while the browser now has one it is not returned to the same script that set it so this way is no go METHOD 2: if(param('cookie_should_be_set')) { test for cookie and if not defined die you need cookies } else { see if a certain cookie exists and if not set it and print a Location header to self_url with cookie_should_be_set=1 appended } Method 2 works but I'm looking for the best way to test it with each request, in case they turn cookies off and then click a link or something. And doing a Location: $self_url everytime isn't desireable and setting one cookie and testing it over and over sounds good but sometimes browsers will still return a cookie even thought cookies are disabled/blocked/off so that will show it has a cookie but wonb't tell me if it can successfully set others. The best I can come up with so far is METHOD 2 with the cookie life set to a few minutes so it only has to do the Location: ... Bit once evr few minutes instead of every single request. Any other ideas/modules I'm missing? Tia Dan -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cookies
--On Wednesday, August 13, 2003 4:44 PM +0100 Mace, Richard [EMAIL PROTECTED] wrote: I want to start using cookies to store user session information and build associated privileges on web pages. I'm starting as a complete novice in this field, has anyone else got off to a flyer using a book or web-site they can recommend? Any hints gratefully received, thanks, Richard. I found the code at http://www.stonehenge.com/merlyn/WebTechniques/col61.html to be a useful introduction. (and I just mentioned it yesterday IIRC :-) -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: cookies
On Wed, 13 Aug 2003 16:44:59 +0100, Mace, Richard [EMAIL PROTECTED] wrote: I want to start using cookies to store user session information and build associated privileges on web pages. I'm starting as a complete novice in this field, has anyone else got off to a flyer using a book or web-site they can recommend? Any hints gratefully received, thanks, This query may be better addressed to beginners-cgi but not a big deal. Are you starting fresh in Perl? Or just CGI using Perl? Or just cookies specifically? In the latter two cases I would suggest reviewing the docs for the CGI.pm module as it will explain how to handle CGI requests, build dynamic pages, and part of that will be using and setting cookies. In the first case I would get a foundation in Perl first, then move to CGI specifics by starting with the Learning Perl O'Reilly book. Also check out perldoc perlbook http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cookies
Have you read the ebook beginning perl? I downloaded it but I don't have the url. Sorry. Try google with 'ebook beginning perl'
cookies
I want to start using cookies to store user session information and build associated privileges on web pages. I'm starting as a complete novice in this field, has anyone else got off to a flyer using a book or web-site they can recommend? Any hints gratefully received, thanks, Richard. ** The information contained in this email is confidential and is intended for the recipient only. If you have received it in error, please notify us immediately by reply email and then delete it from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person or store or copy this information in any medium. The views contained in this email are those of the author and not necessarily those of Lorien plc. Thank you for your co-operation. ** -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cookies with CGI and IE7
Anyone having trouble setting or retrieving cookies with CGI.pm and IE7? I'm doing: my $cookie = $q-cookie( -name= 'session', -value = $session, -expires = '3h', print $q-header( -cookie = $cookie); I got some feedback that the cookie wasn't working in IE7. I hate cookies. Andrew -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cookies with CGI and IE7
Andrew Brosnan wrote: Anyone having trouble setting or retrieving cookies with CGI.pm and IE7? I'm doing: my $cookie = $q-cookie( -name= 'session', -value = $session, -expires = '3h', print $q-header( -cookie = $cookie); I got some feedback that the cookie wasn't working in IE7. I hate cookies. Have you tried printing the cookies after printing a standard header to make sure they are formatted correctly, are actually being set, and don't forget to check that the domain they are setting is the same as the domain sending them (caught me this weekend, grrr). Don't hate cookies, hate IE instead ;-) http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cookies with CGI and IE7
Andrew Brosnan [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Anyone having trouble setting or retrieving cookies with CGI.pm and IE7? I'm doing: my $cookie = $q-cookie( -name= 'session', -value = $session, -expires = '3h', print $q-header( -cookie = $cookie); I got some feedback that the cookie wasn't working in IE7. I've never heard of IE7. I just checked the internet explorer home page and it has a big 'ol 6 right in the top middle of the page. http://www.microsoft.com/windows/ie/default.asp Todd W. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Cookies rejected
Hi Todd Thanks a lot for the pointer. WWW::Mechanize was exactly what I needed. Using it's field replacement, I could log in to the site without any problem with the cookies. However, the next web page from where I actually want to send the message contains a text box for the mobilenumber and textarea for the message. The textbox was filled with the mobile number easily using $agent-field(mobilenumber,+9198155...); Result : input TABINDEX=1 TYPE=text NAME=mobilenumber MAXLENGTH=200 SIZE=55 VALUE=+9198155... All is great till this point. The hurdle now is that I could not find any method to populate the textarea :( Here is the html line from page where I'm supposed to put the message : textarea TABINDEX=2 ID=message NAME=message COLS=45 ROWS=4 WRAP=PHYSICAL onBlur=textRemaining(); onfocus=textRemaining(); onkeydown=textRemaining(); onkeypress=textRemaining(); onkeyup=textRemaining();/textarea Could anyone please tell me how I could populate the textarea using Mechanize so that a submit() would send the msg on it's way... Thanks you so much aman -Original Message- From: Todd Wade [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 25, 2003 11:02 PM To: [EMAIL PROTECTED] Subject: Re: Cookies rejected Aman Thind [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi All On receiving no reply to my previous post, I myself struggled a bit and came up with the following code to login to the site : -- use LWP::UserAgent; use HTTP::Cookies; $ua = LWP::UserAgent-new; $ua-cookie_jar(HTTP::Cookies-new(file = lwpcookies.txt,autosave = 1)); my $req = HTTP::Request-new(POST = 'http://www.sms.ac/login.asp'); $req-content_type('application/x-www-form-urlencoded'); $req-content('loginuserid=myuseridloginpassword=mypassword'); my $res = $ua-request($req); print $res-as_string; -- However, on running this script, a web page with the following message is returned : Unable to establish login (cookies rejected). Could someone please guide me how to overcome this. You are running in to some very usual issues with http clients. Really the best we ( or at least myself ) can say is that you are not sending a properly formatted cookie. There is a module called WWW::Mechanize that helps facilitate what you are trying to do. You might want to give it a look. Todd W. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cookies rejected
Aman Thind [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi All On receiving no reply to my previous post, I myself struggled a bit and came up with the following code to login to the site : -- use LWP::UserAgent; use HTTP::Cookies; $ua = LWP::UserAgent-new; $ua-cookie_jar(HTTP::Cookies-new(file = lwpcookies.txt,autosave = 1)); my $req = HTTP::Request-new(POST = 'http://www.sms.ac/login.asp'); $req-content_type('application/x-www-form-urlencoded'); $req-content('loginuserid=myuseridloginpassword=mypassword'); my $res = $ua-request($req); print $res-as_string; -- However, on running this script, a web page with the following message is returned : Unable to establish login (cookies rejected). Could someone please guide me how to overcome this. You are running in to some very usual issues with http clients. Really the best we ( or at least myself ) can say is that you are not sending a properly formatted cookie. There is a module called WWW::Mechanize that helps facilitate what you are trying to do. You might want to give it a look. Todd W. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Cookies rejected
Hi All On receiving no reply to my previous post, I myself struggled a bit and came up with the following code to login to the site : -- use LWP::UserAgent; use HTTP::Cookies; $ua = LWP::UserAgent-new; $ua-cookie_jar(HTTP::Cookies-new(file = lwpcookies.txt,autosave = 1)); my $req = HTTP::Request-new(POST = 'http://www.sms.ac/login.asp'); $req-content_type('application/x-www-form-urlencoded'); $req-content('loginuserid=myuseridloginpassword=mypassword'); my $res = $ua-request($req); print $res-as_string; -- However, on running this script, a web page with the following message is returned : Unable to establish login (cookies rejected). Could someone please guide me how to overcome this. Thanks in anticipation, aman -Original Message- From: Aman Thind [mailto:[EMAIL PROTECTED] Sent: Monday, June 23, 2003 2:05 PM To: [EMAIL PROTECTED] Subject: Log into a site and do stuff Hi I am working on a module that occasionally needs to raise alarms by sending sms to concerned ppl. For this, I would like to login to the site : www.sms.ac The login page is http://www.sms.ac/login.asp Then I have to go to the main page , fill the To: and Message: textboxes and send sms. I have no prior experience with LWP and couldn't make much use of perldoc lwpcook Could someone please tell me how I can accomplish this feat. A pointer towards a newbie resource on this perl feature or some sample code will surely help. Thanks aman -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
function/module to check if visitors have their cookies enabled
Hi Im looking for a function/module to check if visitors have their cookies enabled when they come to my site. I think that there might all-ready might be a module for this, but I havent been able to locate it. I have so for been trying work around the problem myself with something like this.( se below) It gives the right answer if cookies is allowed, but if not the script just stop when I call the fetch CGI::Cookie My error log says: Can't call method value on an undefined value at /usr/local/apache/cgi-bin/cook6.pl line 25 ( it is referring to : $id = $cookies{'oversaet'}-value;) Any help with telling me which module to use, or how to work around this problem with my script will be greatly appreciated. #! /bin/perl -w use CGI::Cookie; use CGI qw/:standard/; my $query = new CGI; $jack = flow; $c = new CGI::Cookie(-name ='oversaet', -value = ['1',$jack], -path = '/', -expires = +25m); print header (-cookie=$c); print $query-start_html(-tittle='example'); print htmlheadtitlecookies/title/head\n; %cookies = fetch CGI::Cookie; $id = $cookies{'oversaet'}-value; if ($id = 1$jack) { print cookie set; } else { print cookie NOT set!!!;
Re: function/module to check if visitors have their cookies enabled
On 3/9/03 at 2:51 AM, [EMAIL PROTECTED] (Ahrent) wrote: Hi Iím looking for a function/module to check if visitors have their cookies enabled when they come to my site. A little Javascript may be better for your purpose; but consider: use CGI; my $q = new CGI; my $cookie = $q-cookie('session'); if ($cookie) { #they have my cookie! } else{ #no cookie...better set one $cookie = 'my_cookie_value'; my $cookie = $q-cookie( -name = 'session', -value = $cookie, -expires = '3h' ); print $q-header( -cookie = $cookie); } Regards Andrew -- This post is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Any code contained herein is likely UNTESTED and may cause your system to explode upon execution. Furthermore, please be advised that I am really just a Perl ninny, and you probably should not be taking my advice in the first place. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: function/module to check if visitors have their cookies enabled
What sometimes helps me is this... Add a domain. -domain = '.some.com', --- Ahrent [EMAIL PROTECTED] wrote: Hi Im looking for a function/module to check if visitors have their cookies enabled when they come to my site. I think that there might all-ready might be a module for this, but I havent been able to locate it. I have so for been trying work around the problem myself with something like this.( se below) It gives the right answer if cookies is allowed, but if not the script just stop when I call the fetch CGI::Cookie My error log says: Can't call method value on an undefined value at /usr/local/apache/cgi-bin/cook6.pl line 25 ( it is referring to : $id = $cookies{'oversaet'}-value;) Any help with telling me which module to use, or how to work around this problem with my script will be greatly appreciated. #! /bin/perl -w use CGI::Cookie; use CGI qw/:standard/; my $query = new CGI; $jack = flow; $c = new CGI::Cookie(-name ='oversaet', -value = ['1',$jack], -path = '/', -expires = +25m); print header (-cookie=$c); print $query-start_html(-tittle='example'); print htmlheadtitlecookies/title/head\n; %cookies = fetch CGI::Cookie; $id = $cookies{'oversaet'}-value; if ($id = 1$jack) { print cookie set; } else { print cookie NOT set!!!; = -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d s+:++ a C++ UL++ US+ P+++ L++ W+++ w PS PE t++ b+ G e r+++ z --END GEEK CODE BLOCK-- __ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[perl #22609] function/module to check if visitors have their cookies enabled
Hi Andrew Brosnan, you are right it was perl,, I was just to tired..sorry. ( it is 4 in the morning here) I have changed the code you sent a little bit and now it works on my server, so thanx for helping out. Regard Ahrent Soendergaard I ended up with use CGI::Cookie; use CGI qw/:standard/; my $query = new CGI; $c = new CGI::Cookie(-name ='test', -value = 'testing user settings' ); print header (-cookie=$c); my $cookie = $query-cookie('test'); if ($cookie) { print ok; #they have my cookie! } else{ #no cookie...tell them to enable cookies print not ok; } === At 2003-06-06, 21:44:00 you wrote: === what I wrote was perl; just suggesting javascript since it is easier to check if cookies are enabled rather than set. On 3/9/03 at 3:30 AM, [EMAIL PROTECTED] (Ahrent) wrote: Hi Andrew Brosnan, Thanks for the code, but I do not like javascript for this work, since not all users can use it. Regards Ahrent Soendergaard === At 2003-06-06, 21:25:00 you wrote: === On 3/9/03 at 2:51 AM, [EMAIL PROTECTED] (Ahrent) wrote: Hi IÌm looking for a function/module to check if visitors have their cookies enabled when they come to my site. A little Javascript may be better for your purpose; but consider: use CGI; my $q = new CGI; my $cookie = $q-cookie('session'); if ($cookie) { #they have my cookie! } else{ #no cookie...better set one $cookie = 'my_cookie_value'; my $cookie = $q-cookie( -name = 'session', -value = $cookie, -expires = '3h' ); print $q-header( -cookie = $cookie); } Regards Andrew -- This post is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Any code contained herein is likely UNTESTED and may cause your system to explode upon execution. Furthermore, please be advised that I am really just a Perl ninny, and you probably should not be taking my advice in the first place. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] = = = = = = = = = = = = = = = = = = = = Vi Ses. Ahrent 2003-03-09 = = = = = = = = = = = = = = = = = = = = Vi Ses. Ahrent 2003-03-09 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: shared cookies
Wiggins D'Anconia [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hytham Shehab wrote: hi guys, i have multiple domain names - etc multiple sites - that i would like to share cookies inbetween, how can i - literally - do that, and is it enough to use HTTP::Cookies !? Mostly you can't, which is why I suppose the list has been so quiet. This is a security issue, you don't want other domains reading cookies that were specifically for your domain do you? If you are talking sub snip / Microsoft has this thing called hta (hypertext applications, or something like that) where you digitally sign your .asp file and give it a .hta extension. Client side code can then work out of the sandbox (i.e. read cookies from other domains). MS specific. Todd W. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
shared cookies
hi guys, i have multiple domain names - etc multiple sites - that i would like to share cookies inbetween, how can i - literally - do that, and is it enough to use HTTP::Cookies !? thx 4 help -- Hytham Shehab -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Cookies, CGI
I'm trying to set a cookie and have it returned to the script before the user has to visit another page. I'm currently doing it like this: Original Cookie already set User request - Script returns Set-cookie and Refresh to second script Second script called with original cookie, not new one User Request - New cookie used I want the second script to be called with the new cookie. I've also tried this: Original Cookie already set User request - Script returns Set-cookie and Refresh to refresh script Refresh script returns refresh to Second script Second script called with original cookie, not new one User Request - New cookie sent Shouldn't the browser create a new http request and send the current cookies when performing a refresh? Any light on the matter appreciated. Thanks Nigel MIS Web Design http://www.miswebdesign.com/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Cookies, CGI
Try CGI::Cookie Dan -Original Message- From: Nigel Peck - MIS Web Design [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 6:18 AM To: CGI List; [EMAIL PROTECTED] Subject: Cookies, CGI I'm trying to set a cookie and have it returned to the script before the user has to visit another page. I'm currently doing it like this: Original Cookie already set User request - Script returns Set-cookie and Refresh to second script Second script called with original cookie, not new one User Request - New cookie used I want the second script to be called with the new cookie. I've also tried this: Original Cookie already set User request - Script returns Set-cookie and Refresh to refresh script Refresh script returns refresh to Second script Second script called with original cookie, not new one User Request - New cookie sent Shouldn't the browser create a new http request and send the current cookies when performing a refresh? Any light on the matter appreciated. Thanks Nigel MIS Web Design http://www.miswebdesign.com/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cookies, CGI
Nigel Peck - MIS Web Design wrote: I'm trying to set a cookie and have it returned to the script before the user has to visit another page. I'm currently doing it like this: Original Cookie already set User request - Script returns Set-cookie and Refresh to second script Second script called with original cookie, not new one User Request - New cookie used I want the second script to be called with the new cookie. I've also tried this: Original Cookie already set User request - Script returns Set-cookie and Refresh to refresh script Refresh script returns refresh to Second script Second script called with original cookie, not new one User Request - New cookie sent Shouldn't the browser create a new http request and send the current cookies when performing a refresh? Any light on the matter appreciated. Thanks Nigel What are you using the cookies for? There are usually better ways, that require much less reliance on the internals of the browser, and incur much less visitor resentment/contempt. The simplest, in my view, is to simply insert a hidden field into the form that recalls the script. One that I often use is: input type=hidden name=Stage value=Initiation and of course, you would add others at any given stage for the information relevant to the stage of the process involved. The advantage is that form fields are very standard HTML, and do not screw with the user's file system. This makes them much more welcome. Joseph -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]