Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re^4: CGI::Session keeps re-using same session ID

by alain_desilets (Beadle)
on May 04, 2012 at 18:42 UTC ( #968968=note: print w/ replies, xml ) Need Help??


in reply to Re^3: CGI::Session keeps re-using same session ID
in thread CGI::Session keeps re-using same session ID

It worked! Thx a million!

Is it me, or is the documentation for CGI::Session severely misleading? It clearly says:

new( DSN, SID, HASHREF )

    Requires three arguments. First is the Data Source Name, second should be the session id to be initialized or an object which provides either of 'param()' or 'cookie()' mehods. If Data Source Name is undef, it will fall back to default values, which are "driver:File;serializer:Default;id:MD5".

    If session id is missing, ***it will force the library to generate a new session id***, which will be accessible through id() method.
But obviously, it doesn't.


Comment on Re^4: CGI::Session keeps re-using same session ID
Re^5: CGI::Session keeps re-using same session ID
by Anonymous Monk on May 04, 2012 at 20:30 UTC

    Is it me, or is the documentation for CGI::Session severely misleading?

    It's not just you, though at the moment, I can't judge if it is misleading

    The latest version, which is what I read, says http://search.cpan.org/~markstos/CGI-Session-4.48/lib/CGI/Session.pm#new%28%29

    If called without any arguments, $dsn defaults to driver:file;serializer:default;id:md5, $query||$sid defaults to CGI->new(), and \%dsn_args defaults to undef.

    That isn't strictly true as it defaults to CGI->new whenever the second argument is undef

    At the moment, I've no idea how that could be improved :) patches welcome

    However, you probably would not have run into this if you weren't implementing your own login logic error :) as "Basic cookie management " teaches , you set one cookie per browser ( brand-the-browser , associate sessionid with browser)

    Later, for login, you update some session data (username, login status )

    Later, for logout, you delete the entire session, and delete the cookie

    Or you could even, Later, for logout, keep the cookie (and session alive), but delete some session data (delete username, login status )...

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://968968]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (4)
As of 2014-11-23 17:25 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My preferred Perl binaries come from:














    Results (134 votes), past polls