Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked

comment on

( #3333=superdoc: print w/replies, xml ) Need Help??
Hello! This is a pretty dumb question this time, but for some reason, I can't seem to get this to work correctly. I did everything by the docs, and yet I still can't seem to get it to work. Here is my problem:

I have a CGI program that uses cookies (hopefully merlyn won't -- me for not reading his latest Web Techniques article well enough *smiles*) to maintain a users 'login'. To create the cookies, this code is exectued:
my $q = new CGI; my $cke1 = new CGI::Cookie( -name => $in{usr}, -value => $val, -expires => '+1h',); print $q->header(-cookie=>$cke1);
which seems to work very well - by the way, the value is the users password MD5ed with some other secret stuff (I could tell you, but then I would have to kill you).

Now, I wanted to write a simple routine to log the person out, so that their little cookie would simply disapear into the magnetic oblivion that is the users hard drive. Easy, right? All I have to do is create another cookie, by the same name, with an expiration that is negative! So here is what I tried:
my $q = new CGI; my $cke1 = new CGI::Cookie( -name => $usr, -value => $pwd, -expires => '-1d',); print $q->redirect( -cookie=>$cke1, -uri=>'');
Now, as you can see, the cookie is the same, I just changed the expiration from an hour ahead of when the cookie was made (as was in the login code) to a day previous of when the code was executed, therefore telling the computer that that patricular cookie should have expired ASAP! Then, a simple redirect header takes the user to the login page, setting them up to log right back in!

Now, am I missing something here, because this seems like a perfectly logical way to do things, but it DOESN'T work! The logout code executes fine, but the cookie doesn't actually expire, so it is futile!

I am tired, and don't feel well, so I may be missing something, so please help me out fellow monks! Thanks!

r. j o s e p h
"Violence is a last resort of the incompetent" - Salvor Hardin, Foundation by Issac Asimov

In reply to Loging a user out with CGI and Cookies? by r.joseph

Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":

  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or or How to display code and escape characters are good places to start.
Log In?

What's my password?
Create A New User
Domain Nodelet?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (3)
As of 2022-01-21 06:19 GMT
Find Nodes?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:

    Results (57 votes). Check out past polls.