Zhris has asked for the wisdom of the Perl Monks concerning the following question:
Hello,
I have been working on an old Perl login script, to make a couple of improvements. I have ran into a couple of problems with CGI::Session.
Upon login, if I use a header redirect to the homepage (a html webpage), then click on the "members zone" link, it will tell me that i'm not logged in. If I then re-click the same link, it will display what I expect, the "members zone" (logged in). This problem does not occur if I header redirect to the "members zone" directly after logging in. Another, I think related issue, the "Members Zone" is located "http://domain.com/Members.pl". I also have the directory "http://domain.com/Members" which contains an index.php file that redirects to "http://domain.com/Members.pl". It will also tell me that i'm not logged in, no matter what i try.
These issues seem to be related to the cache, and that its using the same compiled output of the "members zone" from before logging in. However, upon clearing my cache, then testing, the problem still occured. Why is this problem occurring, and how can I resolve it?
Here are the relevant sections of my code:
Login:
my $session = new CGI::Session(); if ($data{'Param'}{'Referer'}) { $session->param(-name => 'Referer', -value => $data{'Param'}{'Refe +rer'}); } my $referer = $session->param(-name=>'Referer') || $default_referer; # if ($data{'Param'}{'Login'}) { my $statement = "SELECT Client, Email, First_Name, Telephone_Numbe +r FROM $dbtable_Users WHERE (Email='$data{'Param'}{'Email'}' AND Pass +word='$data{'Param'}{'Password'}')"; my $sth = $dbh->prepare($statement); $sth->execute(); if ($sth->rows == 0) { $data{'Login'}{'Fail'} .= 'Wrong email / password combination. + Please retry. If you are having problems logging in, <a href="Contac +t-Us.php">Contact Us</a>. '; } else { while (my @row = $sth->fetchrow_array()) { $data{'Session'} = { 'LoginEpoch' => time, 'Client' => $row[0], 'Email' => $row[1], 'FirstName' => $row[2] }; } $session->param(-name => 'LoggedIn', -value => $data{'Session' +}); $session->expire('LoggedIn', "+10000s"); $session->flush(); print redirect($referer); exit(1); } } elsif ($data{'Param'}{'Logout'}) { $session->clear(['LoggedIn']); $session->flush(); print redirect('http://www.Domain.com/Login.pl?Event=You have logg +ed out'); exit(1); } else { $data{'Login'}{'Begin'} .= q(Please login. If you are having probl +ems logging in, <a href="Contact-Us.php">Contact Us</a>. ); } print $session->header(); #etc
Members Zone:
my $session_data; my $session = load CGI::Session(); if ($session->param(-name=>'LoggedIn')) { $session->expire('LoggedIn', "+10000s"); $session_data = $session->param(-name=>'LoggedIn'); } $session->flush(); #Not logged in unless ($session_data) { print redirect('http://www.Domain.com/Login.pl?Event=You must be l +ogged in to view this page&Referer=http://www.Domain.com/Members.pl') +; exit(1); } #Begin logged in if ($session_data) { print $session->header(); #etc }
Thanks,
Chris
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: CGI::Session "cache" issue
by Anonymous Monk on May 23, 2011 at 17:52 UTC | |
by Zhris (Initiate) on May 23, 2011 at 18:49 UTC | |
by Anonymous Monk on May 23, 2011 at 19:55 UTC | |
by Zhris (Initiate) on May 23, 2011 at 21:37 UTC | |
by Anonymous Monk on May 23, 2011 at 23:29 UTC | |
|