Digioso has asked for the wisdom of the Perl Monks concerning the following question:
Hi all,
I'm trying to build a login-system based on CGI::Session.
I have the registration, login and logout running so far but I currently have an issue that a session seems to get deleted after about 10 seconds or so automatically. I tried using something like $session->expire('+1h'); to force a session expiration date but this does not seem to work.
My code so far:
Navi.pm (this module basically prints the navigation on my website, html-meta-tags, CSS and so on).
This module is included in all my files:
Relevant code:
Navi::print_navi function:
Navi::end_navi function basically prints some stuff and then finally ends with print $cgi->end_html;
Now for the code that directly affects the login:
login.pl : That file creates a new session and logs the user in. If successful redirects to index.pl
login_check.pm: This module checks (or at least it's supposed to do... That's my whole problem...) whether a user has a valid session or not. If yes, the login_check function returns the userid stored in $session->param("uid"). If not it returns -1 .
My problem is that $session->is_empty returns true after being idle for about 10 seconds. As long as I click around everything's fine, but leaving it idle deletes my session.
Thanks in advance. :)
I'm trying to build a login-system based on CGI::Session.
I have the registration, login and logout running so far but I currently have an issue that a session seems to get deleted after about 10 seconds or so automatically. I tried using something like $session->expire('+1h'); to force a session expiration date but this does not seem to work.
My code so far:
Navi.pm (this module basically prints the navigation on my website, html-meta-tags, CSS and so on).
This module is included in all my files:
Relevant code:
Navi::print_navi function:
print $cgi->header(-cache_control=>"no-cache, no-store, must-revalid +ate"), # create the HTTP header $cgi->start_html(-title=>"$title", -author=>'webmaster at digioso.org', -meta=>{long list of meta information here........., -style=>{'src'=>'http://www.digioso.org/style.css'}); +# start the HTML
Navi::end_navi function basically prints some stuff and then finally ends with print $cgi->end_html;
Now for the code that directly affects the login:
login.pl : That file creates a new session and logs the user in. If successful redirects to index.pl
index.pl: Currently doesn't really have any content.#!/usr/bin/perl -w use warnings; use strict; use CGI; use CGI::Carp qw/fatalsToBrowser warningsToBrowser/; use Digest::MD5 qw(md5_base64); use CGI::Session; use lib "<path to my libraries on that server>"; use Navi; use DB; my $cgi = CGI->new(); my $dbh = DB::connect_db(); my $usr = $cgi->param('usr'); my $pwd = $cgi->param('pwd'); if($usr ne '') { my $encrpass = md5_base64($pwd); my $sql = qq{SELECT id FROM consystem_users WHERE username=? and p +assword=?}; my $sth = $dbh->prepare($sql) or die $dbh->errstr; $sth->execute($usr, $encrpass) or die $sth->errstr; my $userid = $sth->fetchrow_array; if($userid != "") { my $session = new CGI::Session(); $session->param("uid", $userid); $session->expire('+1h'); print $session->header(-location=>'index.pl'); } else { Navi::print_navi(": digioso :"); # Print Navigation print qq{<div id="category">[ LOGIN ]</div>}; print "Username or password wrong !<br/><a href='login.pl?acti +on=login'>Try again.</a>"; Navi->end_navi(); } } elsif($cgi->param('action') eq 'logout') { my $session = CGI::Session->load() or die CGI::Session->errstr; $session->delete(); print $session->header(-location=>'login.pl'); } elsif($cgi->param('action') ne 'login' && $usr eq "") { Navi::print_navi(": digioso :"); # Print Navigation print "<br/><br/>Please input username and password !"; print_login(); } else { Navi::print_navi(": digioso :"); # Print Navigation print_login(); } sub print_login() { print qq{<br/><br/><form method="post"><table> <tr><td>Username:</td><td><input type="text" name="usr"></td>< +/tr> <tr><td>Password:</td><td><input type="password" name="pwd" ma +xlength="30"></td></tr></table><br/> <input type="submit" value="Submit"> </form> <br/>You don't have an account? Create one <a href="register.p +l">here</a>.}; Navi->end_navi(); } DB::close_db(); exit 0;
Index.pl includes the login_check module. Since my login-system has more than one file I don't want to have the same code in each of them.#!/usr/bin/perl -w use warnings; use strict; use lib "<path to my libraries on that server>"; use CGI; use CGI::Carp qw/fatalsToBrowser warningsToBrowser/; use login_check; use Navi; my $cgi = CGI->new(); my $uid = login_check($cgi, ": Digiosos Con-System :"); if($uid > 0) { print qq{ $uid <a href="test.pl">Test</a>}; Navi->end_navi(); } exit 0;
login_check.pm: This module checks (or at least it's supposed to do... That's my whole problem...) whether a user has a valid session or not. If yes, the login_check function returns the userid stored in $session->param("uid"). If not it returns -1 .
My problem is that $session->is_empty returns true after being idle for about 10 seconds. As long as I click around everything's fine, but leaving it idle deletes my session.
#!/usr/bin/perl -w use warnings; use strict; use lib "<path to my libraries on that server>"; use Navi; use CGI::Carp qw/fatalsToBrowser warningsToBrowser/; use CGI::Session; sub login_check($$) { my $cgi = shift; my $title = shift; my $session = CGI::Session->load(); Navi::print_navi("$title", 1); # Print Navigation if($session->is_expired) { print qq{<div id="category">[ LOGIN ]</div>}; print "Your has session expired. Please login again."; print "<br/><a href='login.pl>Login</a>"; Navi->end_navi(); return -1; } elsif($session->is_empty) { print qq{<div id="category">[ LOGIN ]</div>}; print "You have not logged in.<br/><a href='login.pl'>Login</a +> "; Navi->end_navi(); return -1 } else { print qq{<div id="category">[ CON-SYSTEM ]</div>}; print "<a href='index.pl'>Index-Page</a> <a href='changepw.pl' +>Change Password</a> <a href='login.pl?action=logout'>Logout</a><br/> +<br/>"; return $session->param("uid"); } } 1;
Thanks in advance. :)
|
---|
Back to
Seekers of Perl Wisdom