Gossamer Forum
Home : Products : DBMan : Customization :

MOD: Session Cookie

Quote Reply
MOD: Session Cookie
Session Cookie Mod
Copyright 2000, oldmoney

Summary:
Session Cookie Mod creates a persistent session, enabling users to login to your DB just once per session. Now they can go to other non-DB pages on your site or even other sites, and when they return to the DB they are still logged in provided they have not closed all browser windows (e.g. killed the session cookie). Sessions expire and users can still log off as per normal.

Requirements: Matt's HTTP Cookie Library, found at www.worldwidemart.com/scripts/cookielib.shtml

Instructions:

1. Download cookie.lib, change the variable $Cookie_Domain = '.yourdomain.com'; and upload to your server with the permissions 644.

2. In db.cgi, add
Code:
require 'cookie.lib'; # Session Cookie Mod
after
Code:
require "auth.pl"; # Authorization Routines
and add
Code:
&SetCookies('session','');
after
Code:
elsif ($in{'logoff'}) { &auth_logging('logged off') if ($auth_logging);

3. In auth.pl, replace
Code:
open(AUTH, ">$auth_dir/$db_uid") or &cgierr("unable to open auth file: $auth_dir/$uid. Reason: $!\n");
print AUTH "$uid: $ENV{'REMOTE_HOST'}\n";
close AUTH;
foreach (0 .. 3) { $permissions[$_] = int($permissions[$_]); }
&auth_logging('logged on', $userid) if ($auth_logging);
return ('ok', $db_uid, $view, $add, $del, $mod, $admin);
with
Code:
open(AUTH, ">$auth_dir/$db_uid") or &cgierr("unable to open auth file: $auth_dir/$uid. Reason: $!\n");
print AUTH "$view:$add:$del:$mod:$admin:$ENV{'REMOTE_HOST'}\n"; # Session Cookie Mod
close AUTH;
foreach (0 .. 3) { $permissions[$_] = int($permissions[$_]); }
&auth_logging('logged on', $userid) if ($auth_logging);
&SetCookies('session',$db_uid); # Session Cookie Mod
return ('ok', $db_uid, $view, $add, $del, $mod, $admin);
and replace
Code:
else { # User has not logged on yet.
return 'no login';
}
with
Code:
else { # Session Cookie Mod
&GetCookies('session');
if (length($Cookies{'session'}) > 4) {
$db_uid = $Cookies{'session'};
if (-e "$auth_dir/$db_uid") {
open(AUTH, "<$auth_dir/$db_uid") or &cgierr("unable to open auth file: $auth_dir/$uid. Reason: $!\n");
@perm = <AUTH>;
close AUTH;
($view, $add, $del, $mod, $admin, $host) = split (/:/, @perm[0]);
return ('ok', $db_uid, $view, $add, $del, $mod, $admin); }
else {
&SetCookies('session','');
return 'no login';
}
}
else { return 'no login'; }
}

That's it... some final thoughts: I have tested this with multiple DBs sharing a common auth and password files. It will require substantial modification if you are running multiple DBs with separate password files. You can cut down on server overhead by moving most of the static HTML out of default.pl, and could also extend this mod to completely eliminate the authorization check for viewing records (assuming your DB is configured to allow the default user). Finally, integration with other scripts should be easier since the current session is now stored in a cookie.

------------------
The Immuatable Order of Modding
-=-=-=-=-=-=-=-
1. Read the FAQ, 2. Search the board, 2a. Search the board again, 3. ask the question, 4. back-up, 5. experiment, 6. rephrase question (or better yet, post solution to original question)

[This message has been edited by oldmoney (edited April 01, 2000).]
Subject Author Views Date
Thread MOD: Session Cookie oldmoney 8376 Apr 1, 2000, 12:12 AM
Post Re: MOD: Session Cookie
Stealth 8226 Apr 1, 2000, 6:36 PM
Post Re: MOD: Session Cookie
millsie 8243 Apr 2, 2000, 11:09 PM
Post Re: MOD: Session Cookie
oldmoney 8254 Apr 3, 2000, 3:52 AM
Post Re: MOD: Session Cookie
JPDeni 8272 Apr 3, 2000, 11:27 AM
Post Re: MOD: Session Cookie
oldmoney 8259 Apr 3, 2000, 3:18 PM
Post Re: MOD: Session Cookie
JPDeni 8252 Apr 3, 2000, 3:46 PM
Post Re: MOD: Session Cookie
millsie 8234 Apr 16, 2000, 2:06 AM
Post Re: MOD: Session Cookie
oldmoney 8217 Apr 16, 2000, 10:15 AM
Thread Re: MOD: Session Cookie
leisurelee 8237 Apr 16, 2000, 5:43 PM
Thread Re: MOD: Session Cookie
anr 8196 Jul 5, 2000, 7:04 PM
Thread Re: MOD: Session Cookie
anr 8185 Jul 6, 2000, 1:07 AM
Post Re: MOD: Session Cookie
anr 8189 Jul 6, 2000, 7:44 AM
Thread Re: MOD: Session Cookie
eric74 7553 Aug 5, 2001, 10:01 AM
Thread Re: MOD: Session Cookie
LoisC 7558 Aug 6, 2001, 8:28 PM
Thread Re: MOD: Session Cookie
eric74 7536 Aug 7, 2001, 6:47 AM
Thread Re: MOD: Session Cookie
LoisC 7600 Aug 7, 2001, 10:28 PM
Thread Re: MOD: Session Cookie
oldmoney 7505 Aug 28, 2001, 2:49 PM
Thread Re: [oldmoney] MOD: Session Cookie
eric74 7387 Feb 24, 2002, 5:47 AM
Thread Re: [eric74] MOD: Session Cookie
LoisC 7391 Feb 24, 2002, 9:25 AM
Thread Re: [LoisC] MOD: Session Cookie
Paul 7433 Feb 24, 2002, 9:28 AM
Thread Re: [Paul] MOD: Session Cookie
eric74 7245 Jul 16, 2002, 9:55 AM
Post Re: [eric74] MOD: Session Cookie
Paul 7277 Jul 16, 2002, 10:03 AM