http://www.perlmonks.org?node_id=1032398


in reply to Re: Problems getting session management to work: is_expired seems to lie to me
in thread Problems getting session management to work: is_expired seems to lie to me

Yes, yes, you point to trivial programs that run from the commandline, but those specific scripts will not work as CGI programs as they do not write the usual suite of headers, or valid HTML, to standard out. The fact is that in a number of cases, I have found the behaviour of certain code snippets differing based on whether executed from a commandline script or from within a CGI script. This is why I included all that was necessary to have apache use perl to create the output page, and also why code of the sort you recommend can not answer the question. The code I posted is trivially simple (about 60 lines in the package and about 30 in the cgi script, hardly qualifies as much unrelated code - and in fact most of the code in the pl script is what is necessary to create a valid CGI script - and yes, you need not look at the code in the package unless you're interested in error handling in that context - but it makes the output of the CGI script more interesting), but it is sufficient to provide a trivially simple context in which the value returned by is_expired is wrong. The code in the posts you provided illustrates how is_expired is supposed to work, and that is something I already understood. What I did not understand, and the specific question you ignored, is why it did not work that way when applied in a more realistic context.

To see the code I posted in action, all that need be done is put it in the cgi directory for your web browser, request the page using your favourite browser, and then request once, in less than 5 minutes, to see what ought to happen when the session ought not have timed out, and then wait a little over 5 minutes (something that the impatient can adjust without difficulty) to see what happens when the session ought to have expired.

And yes, I am familiar with the notion of small, self contained, programs that illustrate the problem, and the code I posted IS small, self contained, and shows the problem where the code you recommend, while small and self contained, is not adequate to illustrate the problem because they would have to be singificantly altered in order to be executed as a CGI script. The relevant criterion that makes the code I posted applicable is that it shows the problem. Now, as I do not know why the problem exists, it could be anything from some peculiarity in the Activestate distributions, or running it on Windows, or anything else that I can't yet imagine, but information that will tell me what is the cause is what is needed here; nothing else.

Do you have any information that might actually address the real problem?

thanks

Ted

  • Comment on Re^2: Problems getting session management to work: is_expired seems to lie to me

Replies are listed 'Best First'.
Re^3: Problems getting session management to work: is_expired seems to lie to me (basic)
by Anonymous Monk on May 06, 2013 at 22:40 UTC
[reply]

      Look again. A new session is created in the second half of the conditional block in my script. A new session is crated only the first time the page is accessed, which I can detect based on whether or not $cnt is defined.

      Thanks

      <Ted

[reply]

        :D

        the cookie expires , so the browser doesn't send the cookie, so there is no sessionid

        the problem with your code, you're branching on cnt, not on cookie -- cnt having true value doesn't mean there is cookie (browser already expired it, not sent)

        if you add ;CGISESSID=46f86ba31e44829feae6755e5695eca4 to the end of cnt url you'll get both is_expired and is_empty

        basic debugging checklist works :)

[reply]

In Section Seekers of Perl Wisdom