Embperl Sessions, and Re: Embperl: Storing session info in FILES? (fwd)
Hello,
On Thu, Apr 27, 2000 at 01:55:46PM -0500, Igor Chudov @ home wrote:
BEGIN
{
$ENV{EMBPERL_SESSION_CLASSES} = "DBIStore SysVSemaphoreLocker" ;
$ENV{EMBPERL_SESSION_ARGS}= "DataSource=dbi:mysql:session UserNam
according to "perldoc Apache::Session" this should read
$ENV{EMBPERL_SESSION_CLASSES} = "FileStore SysVSemaphoreLocker" ;
and maybe (?)
$ENV{EMBPERL_SESSION_ARGS}= "/var/my-tmp/sessions";
for some odd location...
use HTML::Embperl ;
and one more Embperl question. I am writing a program that can store the session
data in a data base using Embperl's %udat just fine, but I have too
little influence (imho) on what goes in that cookie, or how to delete
a session cleanly.
What I need:
- several cookies per user eg. to integrate TicketAccess with Embperl,
using different cookie names and other parameters like path info
or expire. Eg. getting a cookie in advance on "/tools/login.epl"
and then logging in doesn't make much sense when the cookie path
info is "/tools/login.epl" and thus should not be sent to eg.
"/vault/other/data/show.epl" or so.
- a way to say "logout". Currently, if I grab the cookie and then send
a new one with expire (1970) to the browser, %udat remains populated,
and the session data remains on disk. Unfortunately at the next
page load of anything I still have that same data in %udat.
Saying "undef $udat{_session_id}" prevents me to log in a second time,
however, and is thus undesirable. Killing the browser to log out and
having no way to restart the old session is also not "the right thing
to do". My current "logout.epl" page looks like this (fully
experimental misquality). You can easily see at the end of the
page that I tried to call the DELETE method to remove the item
from the session store (mysql in my case), but dropped that.
[-
use CGI::Cookie;
use lib "../config";
use MyConfig;
# inspired by keystone:
sub killcookie {
my $cookie = shift;
$cookie-value ('deleted');
$cookie-expires ('-1');
$cookie-path ('/');
}
# as of perldoc CGI::Cookie
%cookies = fetch CGI::Cookie;
$MyCookie = $cookies{$MyConfig::CookieName};
open LogFile, "/tmp/my.log";
print LogFile "Cookie: $MyCookie\n";
print LogFile "other cookie actions:\n";
foreach (keys %cookies) {
next if $_ !~ /^\s*$/;
print LogFile "killing ", $cookies{$_}, "\n";
killcookie ($cookies{$_});
$req_rec-header_out("Set-Cookie" = $cookie);
}
close LogFile;
#undef $udat{_session_id};
$udat{cookies} = \%cookies;
#$udat{realname} = "Not logged in";
$req_rec-header_out("Location" = "$ENV{HTTP_REFERER}");
$req_rec-status (302);
#tied (%udat)-delete;
-]
RE: Embperl Sessions, and Re: Embperl: Storing session info in FILES? (fwd)
Hello,
What I need:
- several cookies per user eg. to integrate TicketAccess with Embperl,
using different cookie names and other parameters like path info
or expire.
If you really need different cookies, you can implement them on your on with
the Set-Cookie http header. This seems only to make sense if you need
different cookie paths or different expire times. Don't know if it's very
user friendly, at least for user which get ask for every cookie the server
send, like me...
Eg. getting a cookie in advance on "/tools/login.epl"
and then logging in doesn't make much sense when the cookie path
info is "/tools/login.epl" and thus should not be sent to eg.
"/vault/other/data/show.epl" or so.
There is a config directive EMBPERL_COOKIE_PATH you can use to set the
correct cookie path.
- a way to say "logout". Currently, if I grab the cookie and then send
a new one with expire (1970) to the browser, %udat remains populated,
and the session data remains on disk. Unfortunately at the next
page load of anything I still have that same data in %udat.
%udat = () ;
will surely delete all data from %udat.
Saying "undef $udat{_session_id}" prevents me to log in a second time,
however, and is thus undesirable. Killing the browser to log out and
having no way to restart the old session is also not "the right thing
to do". My current "logout.epl" page looks like this (fully
experimental misquality). You can easily see at the end of the
page that I tried to call the DELETE method to remove the item
from the session store (mysql in my case), but dropped that.
[-
use CGI::Cookie;
use lib "../config";
use MyConfig;
# inspired by keystone:
sub killcookie {
my $cookie = shift;
$cookie-value ('deleted');
$cookie-expires ('-1');
$cookie-path ('/');
}
# as of perldoc CGI::Cookie
%cookies = fetch CGI::Cookie;
$MyCookie = $cookies{$MyConfig::CookieName};
open LogFile, "/tmp/my.log";
print LogFile "Cookie: $MyCookie\n";
print LogFile "other cookie actions:\n";
foreach (keys %cookies) {
next if $_ !~ /^\s*$/;
print LogFile "killing ", $cookies{$_}, "\n";
killcookie ($cookies{$_});
$req_rec-header_out("Set-Cookie" = $cookie);
where is $cookie defined?
}
close LogFile;
#undef $udat{_session_id};
$udat{cookies} = \%cookies;
Why do you save \%cookie in %udat if you want to delete them. Wouldn't using
%udat = () ;
be better?
#$udat{realname} = "Not logged in";
$req_rec-header_out("Location" = "$ENV{HTTP_REFERER}");
$req_rec-status (302);
#tied (%udat)-delete;
Try to change the line 273 in Embperl/Session.pm from
if (!$self - {'status'})
to
if (($self - {'status'} 7) == 0)
does the
tied (%udat)-delete;
work now?
Gerald
There is a new Embperl mailing list ([EMAIL PROTECTED])
-
Gerald Richterecos electronic communication services gmbh
Internetconnect * Webserver/-design/-datenbanken * Consulting
Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz
E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925151
WWW:http://www.ecos.de Fax: +49 6133 925152
-
