Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Cookies on Apache vs cookies on IIS

by the_slycer (Chaplain)
on Mar 15, 2002 at 19:27 UTC ( #152061=perlquestion: print w/replies, xml ) Need Help??

the_slycer has asked for the wisdom of the Perl Monks concerning the following question:

I'm in the middle of transitioning some perl scripts from a linux/apache combo to a win2k/iis combo. Most of the scripts I've been able to move over without a single line of code being changed. However, I have a script that uses cookies, and herein lies the problem.

Basically, the script is a multi-state script. On "login", after retrieving some info a session based cookie is set (set_cookie). On any other state, the cookie is retrieved (get_cookie). This works as expected on apache.

After moving this script to the win2k box, cookies stopped working as expected. I can't seem to retrieve the cookie that I'm pretty sure is being set. Here's the code:
sub set_cookie { ########################################### # Create a cookie. We have a few different # "states" and all of them require at least # *some* user information # Uses a global CGI object ($p) to create # the cookie ########################################### # Get the passed user information my %ui = @_; # set the params for the cookie my $cookie = $p->cookie( -name => 'mycookie', -value => qq(Name:$ui{'Name'}:Phone:$ui{'Phone'}:EmployeeNum:$ui{'Em +ployeeNum'}:Email:$ui{'Email'}:SapId:$ui{'SapId'}:NTID:$ui{'NTID'}:Pr +ovince:$ui{'Province'}), -expire => '', ); # send it to the browser print $p->header(-cookie => $cookie); }
and to retrieve the information:
sub get_cookie { ################################################ #Retrieve the cookie #Uses a global variable ($p) for the CGI object #Returns user information ################################################ my %userinf; if ($p->cookie('mycookie')) { my $values = $p->cookie('mycookie'); %userinf = split /:/,$values; } else { display_login(); #No cookie, force a login } print $p->header(); return (%userinf); }
As mentioned above, this works great using apache, fails miserably using IIS (though everything else in the script runs fine).

Any ideas?

Replies are listed 'Best First'.
Re: Cookies on Apache vs cookies on IIS
by dws (Chancellor) on Mar 15, 2002 at 22:21 UTC
    I think you have a silent typo. Try changing     -expire => '', to     -expires => '', and double-check what '' means as an expire time. My quick read of the CGI pod doesn't say anything about this being legal, and a glance through the code suggests that you're not going to be sending an Expires header. Are you sure this is what you want?

      That could be the problem, I'll have to wait till I'm back at work, seems odd though, as I'm *sure* that I didn't touch that code during the transition to the IIS server.

      As far as expires being blank, when I first read about how to use cookies (not that long ago :)), I read that a blank expires is the same as a negative expires - ie: not written to disk, only accesible while the browser is open. But, I could be wrong :)

      Thanks
Re: Cookies on Apache vs cookies on IIS
by the_slycer (Chaplain) on Mar 15, 2002 at 19:31 UTC
    Hmm.. why can't I edit my post??

    Anyways, I noticed after I hit submit, that I accidentally type in the name of the cookie in the my $values = $p->cookie('cookie') line incorrectly.

    Let me assure you that this is not the case in the live version of the code.

      Those are some UGLY cookies you're making there. Why not just create a session id that you store in a table with all the stuff in %ui ? Then you just set the session id as the cookie, and when the user comes back you do a simple DBI query to get who they are from your "session" table.

      I suspect that IIS is just balking at setting a cookie with all the wierdo stuff that you're putting into the value, and there is probably a maximum cookie value length, too.

      Have you checked the error logs to see if IIS is saying anything when you try to set this cookie?

      You may get some love from IIS if you HTML escape your value, if you use CGI.pm it's as simple as "$cookie_value=$q->escapeHTML($cookie_value)"

      -Any sufficiently advanced technology is
      indistinguishable from doubletalk.

Re: Cookies on Apache vs cookies on IIS
by the_slycer (Chaplain) on Mar 18, 2002 at 19:42 UTC
    Ok, still having problems here, even after correcting the typo in the code (-expire vs -expires)

    Basically my cookie is still not being set when running on an IIS server. Still works fine (with the same code) on the Apache server.

    Throwing a print $p->header() prior to the cookie being printed results in the following being printed to the browser:
    Set-Cookie: =-name; domain=-value; path=mycookie; expires=-path;
    So, as you can see, it's fairly munged, in addition to none of the values being there.

    On apache, putting the same print $p->header() prior to the cookie print, results in an HTML formatted string with the data that I would be expecting in it.

    My forehead is starting to get sore (from all the headbanging), and I would appreciate any additional input into the problem.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://152061]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (5)
As of 2020-05-30 13:05 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    If programming languages were movie genres, Perl would be:















    Results (172 votes). Check out past polls.

    Notices?