Embperl Sessions, and Re: Embperl: Storing session info in FILES? (fwd)
Hello, On Thu, Apr 27, 2000 at 01:55:46PM -0500, Igor Chudov @ home wrote: BEGIN { $ENV{EMBPERL_SESSION_CLASSES} = "DBIStore SysVSemaphoreLocker" ; $ENV{EMBPERL_SESSION_ARGS}= "DataSource=dbi:mysql:session UserNam according to "perldoc Apache::Session" this should read $ENV{EMBPERL_SESSION_CLASSES} = "FileStore SysVSemaphoreLocker" ; and maybe (?) $ENV{EMBPERL_SESSION_ARGS}= "/var/my-tmp/sessions"; for some odd location... use HTML::Embperl ; and one more Embperl question. I am writing a program that can store the session data in a data base using Embperl's %udat just fine, but I have too little influence (imho) on what goes in that cookie, or how to delete a session cleanly. What I need: - several cookies per user eg. to integrate TicketAccess with Embperl, using different cookie names and other parameters like path info or expire. Eg. getting a cookie in advance on "/tools/login.epl" and then logging in doesn't make much sense when the cookie path info is "/tools/login.epl" and thus should not be sent to eg. "/vault/other/data/show.epl" or so. - a way to say "logout". Currently, if I grab the cookie and then send a new one with expire (1970) to the browser, %udat remains populated, and the session data remains on disk. Unfortunately at the next page load of anything I still have that same data in %udat. Saying "undef $udat{_session_id}" prevents me to log in a second time, however, and is thus undesirable. Killing the browser to log out and having no way to restart the old session is also not "the right thing to do". My current "logout.epl" page looks like this (fully experimental misquality). You can easily see at the end of the page that I tried to call the DELETE method to remove the item from the session store (mysql in my case), but dropped that. [- use CGI::Cookie; use lib "../config"; use MyConfig; # inspired by keystone: sub killcookie { my $cookie = shift; $cookie-value ('deleted'); $cookie-expires ('-1'); $cookie-path ('/'); } # as of perldoc CGI::Cookie %cookies = fetch CGI::Cookie; $MyCookie = $cookies{$MyConfig::CookieName}; open LogFile, "/tmp/my.log"; print LogFile "Cookie: $MyCookie\n"; print LogFile "other cookie actions:\n"; foreach (keys %cookies) { next if $_ !~ /^\s*$/; print LogFile "killing ", $cookies{$_}, "\n"; killcookie ($cookies{$_}); $req_rec-header_out("Set-Cookie" = $cookie); } close LogFile; #undef $udat{_session_id}; $udat{cookies} = \%cookies; #$udat{realname} = "Not logged in"; $req_rec-header_out("Location" = "$ENV{HTTP_REFERER}"); $req_rec-status (302); #tied (%udat)-delete; -]
RE: Embperl Sessions, and Re: Embperl: Storing session info in FILES? (fwd)
Hello, What I need: - several cookies per user eg. to integrate TicketAccess with Embperl, using different cookie names and other parameters like path info or expire. If you really need different cookies, you can implement them on your on with the Set-Cookie http header. This seems only to make sense if you need different cookie paths or different expire times. Don't know if it's very user friendly, at least for user which get ask for every cookie the server send, like me... Eg. getting a cookie in advance on "/tools/login.epl" and then logging in doesn't make much sense when the cookie path info is "/tools/login.epl" and thus should not be sent to eg. "/vault/other/data/show.epl" or so. There is a config directive EMBPERL_COOKIE_PATH you can use to set the correct cookie path. - a way to say "logout". Currently, if I grab the cookie and then send a new one with expire (1970) to the browser, %udat remains populated, and the session data remains on disk. Unfortunately at the next page load of anything I still have that same data in %udat. %udat = () ; will surely delete all data from %udat. Saying "undef $udat{_session_id}" prevents me to log in a second time, however, and is thus undesirable. Killing the browser to log out and having no way to restart the old session is also not "the right thing to do". My current "logout.epl" page looks like this (fully experimental misquality). You can easily see at the end of the page that I tried to call the DELETE method to remove the item from the session store (mysql in my case), but dropped that. [- use CGI::Cookie; use lib "../config"; use MyConfig; # inspired by keystone: sub killcookie { my $cookie = shift; $cookie-value ('deleted'); $cookie-expires ('-1'); $cookie-path ('/'); } # as of perldoc CGI::Cookie %cookies = fetch CGI::Cookie; $MyCookie = $cookies{$MyConfig::CookieName}; open LogFile, "/tmp/my.log"; print LogFile "Cookie: $MyCookie\n"; print LogFile "other cookie actions:\n"; foreach (keys %cookies) { next if $_ !~ /^\s*$/; print LogFile "killing ", $cookies{$_}, "\n"; killcookie ($cookies{$_}); $req_rec-header_out("Set-Cookie" = $cookie); where is $cookie defined? } close LogFile; #undef $udat{_session_id}; $udat{cookies} = \%cookies; Why do you save \%cookie in %udat if you want to delete them. Wouldn't using %udat = () ; be better? #$udat{realname} = "Not logged in"; $req_rec-header_out("Location" = "$ENV{HTTP_REFERER}"); $req_rec-status (302); #tied (%udat)-delete; Try to change the line 273 in Embperl/Session.pm from if (!$self - {'status'}) to if (($self - {'status'} 7) == 0) does the tied (%udat)-delete; work now? Gerald There is a new Embperl mailing list ([EMAIL PROTECTED]) - Gerald Richterecos electronic communication services gmbh Internetconnect * Webserver/-design/-datenbanken * Consulting Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925151 WWW:http://www.ecos.de Fax: +49 6133 925152 -