Hi seniors.

I have testing the CGI::Session::Auth , however i found every time, i refresh the page
the script create a new cookie after i logined (authentication is ok).
the problem seems that script is not reading existing cookie properly so treat me as an
new visit and create a new cookie every time.

I wonder if any one could point me the problem?


#!/usr/bin/perl
# this is an test
use CGI;
use CGI::Session;
use CGI::Session::Auth::DBI;

# CGI object for headers, cookies, etc.
my $cgi = new CGI;
# CGI::Session object for session handling
my $session = new CGI::Session(undef, $cgi, {Directory=>'i:/tmp'});
#my $session = new CGI::Session(undef, $self->query, {Directory=>'/tmp'});

# CGI::Session::Auth object for authentication
my $auth = new CGI::Session::Auth::DBI({
CGI => $cgi,
Session => $session,
DSN => "dbi:mysql:host=localhost;database=testdb",
DBUser => "DBUser", ########
DBPasswd => "DBPasswd", ########
#DoIPAuth => 1
});



$auth->authenticate();

# check if visitor has already logged in
if ($auth->loggedIn) {

&showSecretPage;
}
else {
&showLoginPage;
}

It looks like the cookie might not be getting set. Here's a snippet form the POD:


I checked the source quickly and I don't see it doing this for you automagiacally. Are you setting the cookie somewhere else in your code? If yes, then make sure the cookie is set propery and also check the /tmp dir and see if the sessions is being created.

~Charlie

Chaz. thanks.
the cookie has been set sucessfully. as i stated. everytimes i refresh the page. it will create a new cookie. the problem looks like the scirpit is never dettect the exist cookie already there.

Sorry, I read cookie as session in your OP. Did you check the cookie that is being set to make sure it has the correct session name, etc? What about the session on disk - was it created?

~Charlie

Below are the tested working version of sample using cgi-application. i just convert it to the scripit above.
anything i missed?

#!/usr/bin/perl
# this is an ok version now
#http://cpan.uwinnipeg.ca/htdocs/CGI-Session-Auth/CGI/Session/Auth/DBI.pm.html
package testapp;
use base qw( CGI::Application );
use CGI;
use CGI::Session;
use CGI::Session::Auth::DBI;
use CGI::Carp;
sub setup {
my $self = shift;

$self->start_mode('free');
$self->mode_param('cmd');
$self->run_modes(
'free' => 'showFreePage',
'secret' => 'showSecretPage',
'logout' => 'showLogoutPage',
);

# new session object
my $session = new CGI::Session(undef, $self->query, {Directory=>'i:/tmp'});
$self->param('_session' => $session);


# new authentication object
# my $auth = new CGI::Session::Auth({
my $auth = new CGI::Session::Auth::DBI({
CGI => $self->query,
Session => $self->param('_session'),
#Session => $self->param('_session','~profile'),
#profile => $self->param('~profile'),
DSN => "dbi:mysql:host=localhost;database=databasename",
DBUser => "DBUser",
DBPasswd => "DBPasswd",
DoIPAuth => 1,
});
$self->param('_auth' => $auth);
$auth->authenticate();
# send session cookie
$self->header_props( -cookie => $auth->sessionCookie() );
}
sub _auth {
my $self = shift;

return $self->param('_auth');
}


1;
package main;

my $app = new testapp;
$app->run();

The only real difference that I can see is that you are actually setting a cookie int he CGI::App subclassed version while you are not in your original version. Are you going to use the subclassed version or are you trying to get the first version working?

~Charlie

The only real difference that I can see is that you are actually setting a cookie
int he CGI::App subclassed version while you are not in your original version.
Are you going to use the subclassed version or are you trying to get the first version working?

Yes i want to get the first version working.
weather i need to revise the code?
$self->header_props( -cookie => $auth->sessionCookie()
to
header_props( -cookie => $auth->sessionCookie()) ;

I just do not know how to start. could you make a sample for me ?
Thanks in advance.

header_props is a CGI::App method so you can't use that directly unless you are using a CGI::App subclass. Take a look at the CGI docs[1] for settings cookies. Here is an untested example:



~Charlie

[1] http://search.cpan.org/.../CGI.pm#HTTP_COOKIES

Hi Chaz. Thank you very much. it works great.

Here is another cookie related problem.

I found this problem before and not yet be able to find out what causes the problem yet.
two pieces of code set cookie correctly in apache while sub checkuser only set cookie correctly as expected in apache




sub header {
&clear;
print "Set-Cookie: v=$FORM{'v'}; expires=Wednesday, 09-Nov-06 23:12:40 GMT\n";
print "content-type: text/html\n\n";
open (HEADER,"$thehead") || &error("Unable to open header file. Make sure it is uploaded. You may have to CHMOD the file to 666. If you still cannot get it to work, set the full server path to <b>header.txt</b> near the top of this script.");
@head=<HEADER>;
close (HEADER);
..................
..................
..................
}

above code set cookie sucessfully both in apache and iis
cookie looks like ( run under iis)

v

bbs/cgi-bin/calendar/
1024
2372887552
29819988
1938709504
29759201
*

---

when run below code to login, it seems cookie is not be updated as expected.
below code only set cookie as expected in apache while has problem in setting cookie correctly in iis

sub checkuser {

if ($FORM{'t'} eq "checkuser"){
$sth = $dbh->prepare("SELECT * FROM users WHERE usr='$FORM{'username'}' AND pass='$FORM{'password'}'");
$sth->execute || error("$DBI::errstr 16");
while($GET = $sth->fetchrow_hashref()) {
$pass_ok++;
if ($GET->{'date'} eq "admin"){
###print "Set-Cookie: calendric=superuser~calcookie~$GET->{'crypt'}; expires=Wednesday, 09-Nov-06 23:12:40 GMT\n";
print "Set-Cookie: v=blahblah; expires=Wednesday, 09-Nov-06 23:12:40 GMT\n";
}
else {
### print "Set-Cookie: calendric=calcookie~$GET->{'crypt'}; expires=Wednesday, 09-Nov-06 23:12:40 GMT\n";
print "Set-Cookie: v=blahblah; expires=Wednesday, 09-Nov-06 23:12:40 GMT\n";
}
..................
..................
..................
}

cookie looks like ( run under iis)

v
d
bbs/cgi-bin/calendar/
1024
2372887552
29819988
2186169504
29759201
*

---

weather this is an path related problem?

   

i found the problem nowl

here is problem code

print "Set-Cookie: calendric=; expires=Wednesday, 09-Nov-01 23:12:40 GMT\n";
print "Location: $script?v=$FORM{'v'}&d=$FORM{'d'}$wckext\n\n";

after i set the cookie, there should be a pinting of mime type
print "content-type: text/html\n\n";


The problem is once i printing the mime type and the code will print
out text/html and the new location will never be called properly

print "Set-Cookie: calendric=; expires=Wednesday, 09-Nov-01 23:12:40 GMT\n";
print "content-type: text/html\n\n";
print "Location: $script?v=$FORM{'v'}&d=$FORM{'d'}$wckext\n\n";

if any solution to this type of problem?


Thanks in advance

here is the same problem others talking about. but now solution yet.
http://www.webmasterworld.com/forum13/4183.htm

   

finnally, i use below code to auto redirct the page

print qq~
<META HTTP-EQUIV="refresh" content="1;URL=$script?admin=update_1">
ADMIN panel
click here to transfer to the next page
~;