Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re: question on program flow and checking for cgi-session

by JanneVee (Friar)
on Jul 14, 2004 at 17:45 UTC ( #374362=note: print w/replies, xml ) Need Help??


in reply to question on program flow and checking for cgi-session

1. If your script sends a session id, everyone who visit the script would get a session id.

Answers are reversed to make it a little easier.

3. Usually the session id is sent throgh the answer http header as a cookie. It is designed to be a 32 byte random number, that makes a hijack of someone elses session more difficult. Then when a user progresser through the site the user sends back the 32 byte number to mark a valid session. So when the script receives a sessionnumber it should not send a new sessioncookie. The received cookie is set up to compare to sessiondata stored on the server usually in a tmp-file.

2. The session file should just hold a user_id, so if the session-tmp-file exists on a particular session the user_id could be retrieved through the file.

Also if you don't want to have a sessionfile you could hold the session information in the db.

  • Comment on Re: question on program flow and checking for cgi-session

Replies are listed 'Best First'.
Re^2: question on program flow and checking for cgi-session
by cranberry13 (Beadle) on Jul 14, 2004 at 17:51 UTC
    Dear JanneVee,
    Thank you so much -- just clarifying that every person gets a sessionid really smoothed things out for me. I really appreciate it.

      It is easier to work with if everyone who comes to the script gets it but it is a design thing. It can also be designed the other way a valid login would receive a session that is logged in. Update: Check out Joosts reply.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://374362]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (3)
As of 2021-09-24 16:30 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?