The following are snippets from 2 user authentication scripts that I have. The first attempts to set a cookie after auth has passed and the second reads and writes the cookie from the screen. For some reason the cookie value is not printing to the screen:

# Script 1 writes the cookie
print "Content-type: text/html\n\n";
print "Set-Cookie: foo=bar; path=/; expires=Mon, 01-Jan 2003 00:00:00 GMT";

#Script 2 reads name/value pairs and attempts to print to #screen
print "Content-type: text/html\n\n";
@nvpairs=split(/; /, $ENV{'HTTP_COOKIE'});

foreach $pair (@nvpairs) {
($name, $value) = split(/=/, $pair);
$cookie{$name} = $value;
}

$myVar = $cookie{'foo'};
print "Cookie: $myVar";

Am I missing something obvious here? $myVar is empty!

Thanks in advance,

Paul

Well I was kinda hoping for a staff member to move it rather than you posting the same thread...ah well.

http://www.perldoc.com/...GI.html#HTTP-COOKIES

Look at this whacked undef error I get when I run this test script:

use CGI qw/:standard/;
use CGI::Cookie;
my $id;

# Create new cookies and send them
$cookie1 = new CGI::Cookie(-name=>'ID',-value=>123456);
print header(-cookie=>[$cookie1]);


# fetch existing cookies
%cookies = fetch CGI::Cookie;
$id = $cookies{'ID'}->value;

print "Test: $id";

bash-2.03$ perl cookie.pl
Set-Cookie: ID=123456; path=/
Date: Fri, 17 May 2002 17:54:18 GMT
Content-Type: text/html; charset=ISO-8859-1

Can't call method "value" on an undefined value at cookie.pl line 12.

As you can see ID is clearly defined. Any clue why it's breaking?

Thanks,

Paul

Can I ask why are you using CGI.pm and CGI::Cookie. CGI.pm has built-in support for Cookies that are mroe than enough for what you require.

- wil

Try:

VERY strange. Your code works fine.

How do I explicitly destroy a cookie?

If you're using CGI.pm, which is a good idea to use when writing perl/cgi scripts, you can take advantage of it's built in cookie support.

The relevant section in the documentation states that "Negative expiration times (e.g. "-1d") cause some browsers to delete the cookie from its persistent store. This is a poorly documented feature.".

Here's some sample code to help you delete a cookie:


- wil

To delete a cookie you can just do -value => '' although it doesn't explicitly delete it but obviously it becomes useless and then expires. Or I guess you could set the expiry with -expires => '' and it would become a session cookie and expire when you close your browser.

I guess my browser of the exceptions. I'll dig around elsewhere and see what I can come up with.

Appreciate your help,

Paul

Sorry? I didn't understand that phrase. Paul and I between us have provided three different ways for you to acomplish this - no need to look elsewhere :-)

- wil

Hah. You know I'm talking about the negative expiration date not working in my browser, right?

Hm. What browser you using? It should work.

- wil

cgi-lib uses:

print "Set-Cookie: $name=deleted; expires=Thu, 01-Jan-1970 00:00:00 GMT;\n";

...to delete cookies.

> use CGI qw/:standard/;
>
> # Create a CGI object.
> my $IN = new CGI;

If you're creating a CGI object to take advantage of CGI.pm OO interface then you don't need to import a set of functions into your name space.

- wil

Here are both auth scripts in their entirety. As you can see I'm trying to pass a param from one script to the other by saving it locally as a cookie. The user's SSN is saved as a cookie and he is redirected after authenticaion.

One question I have is this:

If I pass a param from one script to another as part of the URL (querystring) is there any way to retrieve and store it in the second script as a scalar:

http://www.mysite.com/test.pl?value=junk

And then in test.pl:

my Value = param("value");

I realize the above won't work as value isn't actually a form. I'm just wondering if there's something similar to ASP's Request.Querystring?

The "print cookie" part of the second script returns nothing.

Any help (including a new way of performing what I need to) would be greatly appreciated!

SCRIPT 1
#!/usr/bin/perl -w

## html headers
print "Content-type: text/html\n\n";
print "<head><title>Verifying login</title>";

## mods
use DBI;
use CGI qw(param);

## connect to the database
my $dbh = DBI->connect( "dbi:mysql:maindata", "","" );

my $ssn = param("username");
my $password = param("password");

## prepare a SQL statement for execution
$sth = $dbh->prepare( "SELECT * FROM users where ssn Like '$ssn'");

## execute the statement in the database
$sth->execute();

## retrieve the returned rows of data
@row = $sth->fetchrow_array();
my $admin = @row[1];
my $loggedin = @row[3];

## check pass
if ($password ne $row[0]) {
print "Username and/or password incorrect. Please go back and try again.";
die("Username and password do not match. Please click back and reenter.");
}

if ($password eq $row[0]) { &Checkaccess; }
else { print "<META http-equiv=\"refresh\" content=\"0; URL=http://snoopy.edtech/p.stewart/va/student.html\">"; }

sub Checkaccess() {

if ($loggedin ne "1") {

$sth2 = $dbh->prepare("DELETE FROM users where ssn Like '$ssn'");
$sth2->execute();

if ($type eq "student") {
$admin = 3;
}

if ($type eq "faculty") {
$admin = 2;
}

$query2 = "INSERT INTO users (password, admin, ssn, loggedin)
VALUES ('$password', '$admin', '$ssn', '1')";
$sth3 = $dbh->prepare($query2);
$sth3->execute();

#Print change password form
print qq {
<html>
<form method="post" action="/cgi-bin/p.stewart/changepass.pl">
Choose a new password: <input type="password" name="password"><br><br>
<input type=hidden name=ssn value="$ssn">
<input type=hidden name=admin value="$admin">
<input type=submit>
</form>
</html>
}

} else {

print "Content-type: text/html\n\n";
"Set-Cookie: SS=deleted; expires=Thu, 01-Jan-1970 00:00:00 GMT;\n";

my $INN = new CGI;

# Define the cookie.
my $cookie = $INN->cookie( -name=> 'SS', -value => $ssn, expires => '+24h', domain => '' );

# Create the cookie.
print $INN->header(-cookie=>[$cookie]);

if ($row[1] eq "1") {
print "<META http-equiv=\"refresh\" content=\"0; URL=http://snoopy.edtech./p.stewart/va/admin.html\">";
}

elsif ($row[1] eq "2") {
print "<META http-equiv=\"refresh\" content=\"0; URL=http://snoopy.edtech/p.stewart/va/faculty.html\">";
}

elsif ($row[1] eq "3") {
print "<META http-equiv=\"refresh\" content=\"0; URL=http://snoopy.edtech./cgi-bin/p.stewart/student.pl">";
}
}
}

SCRIPT 2


#!/usr/bin/perl -w


# mods
use CGI qw(param);
use CGI::Cookie;

## html headers
print "Content-type: text/html\n\n";

my $INN = new CGI;

# Fetch and print cookie.
my $idd = $INN->cookie('SS');
print "Test: $idd" || die("no");



Thanks again!

Paul