Hello,
I have been working on an old Perl login script, to make a couple of improvements. I have ran into a couple of problems with CGI::Session.
Upon login, if I use a header redirect to the homepage (a html webpage), then click on the "members zone" link, it will tell me that i'm not logged in. If I then re-click the same link, it will display what I expect, the "members zone" (logged in). This problem does not occur if I header redirect to the "members zone" directly after logging in.
Another, I think related issue, the "Members Zone" is located "http://domain.com/Members.pl". I also have the directory "http://domain.com/Members" which contains an index.php file that redirects to "http://domain.com/Members.pl". It will also tell me that i'm not logged in, no matter what i try.
These issues seem to be related to the cache, and that its using the same compiled output of the "members zone" from before logging in. However, upon clearing my cache, then testing, the problem still occured. Why is this problem occurring, and how can I resolve it?
Here are the relevant sections of my code:
Login:
my $session = new CGI::Session();
if ($data{'Param'}{'Referer'}) {
$session->param(-name => 'Referer', -value => $data{'Param'}{'Refe
+rer'});
}
my $referer = $session->param(-name=>'Referer') || $default_referer;
#
if ($data{'Param'}{'Login'}) {
my $statement = "SELECT Client, Email, First_Name, Telephone_Numbe
+r FROM $dbtable_Users WHERE (Email='$data{'Param'}{'Email'}' AND Pass
+word='$data{'Param'}{'Password'}')";
my $sth = $dbh->prepare($statement);
$sth->execute();
if ($sth->rows == 0) {
$data{'Login'}{'Fail'} .= 'Wrong email / password combination.
+ Please retry. If you are having problems logging in, <a href="Contac
+t-Us.php">Contact Us</a>. ';
}
else {
while (my @row = $sth->fetchrow_array()) {
$data{'Session'} = {
'LoginEpoch' => time,
'Client' => $row[0],
'Email' => $row[1],
'FirstName' => $row[2]
};
}
$session->param(-name => 'LoggedIn', -value => $data{'Session'
+});
$session->expire('LoggedIn', "+10000s");
$session->flush();
print redirect($referer);
exit(1);
}
}
elsif ($data{'Param'}{'Logout'}) {
$session->clear(['LoggedIn']);
$session->flush();
print redirect('http://www.Domain.com/Login.pl?Event=You have logg
+ed out');
exit(1);
}
else {
$data{'Login'}{'Begin'} .= q(Please login. If you are having probl
+ems logging in, <a href="Contact-Us.php">Contact Us</a>. );
}
print $session->header();
#etc
Members Zone:
my $session_data;
my $session = load CGI::Session();
if ($session->param(-name=>'LoggedIn')) {
$session->expire('LoggedIn', "+10000s");
$session_data = $session->param(-name=>'LoggedIn');
}
$session->flush();
#Not logged in
unless ($session_data) {
print redirect('http://www.Domain.com/Login.pl?Event=You must be l
+ogged in to view this page&Referer=http://www.Domain.com/Members.pl')
+;
exit(1);
}
#Begin logged in
if ($session_data) {
print $session->header();
#etc
}
Thanks,
Chris
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
