Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much

CGI Session question

by Anonymous Monk
on Jun 11, 2005 at 05:39 UTC ( #465752=perlquestion: print w/replies, xml ) Need Help??

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hello Monks,

While reading the CGI::Session::Tutorial, It states that some users do not allow cookies and if thats the case then you are suppose to keep track of the session id through the query string. Makes perfect sense...but my question is ...should I have both cookie and query tracking implemented or is there somehow you can pre-determine whether not the user has cookies enabled?

For anyone who uses CGI::SEssion, do you guys just use both cookie intialize and query intialization?


Replies are listed 'Best First'.
Re: CGI Session question
by magog (Beadle) on Jun 11, 2005 at 07:41 UTC

    It's probably safest to both set a cookie and also put it in the query string. That means modifying every link you generate for the user.

    Of course, that gives you really long and ugly URLs with a lot of noise in them.

    So the first time you receive user's session ID in a cookie, you could set a "cookies work" flag in the user's session. From then on you can stop adding the session ID to the links you generate. If the user loses the cookie, you start them over with a new session.

    Another strategy would be to start by assuming that cookies work. The first time you receive a cookie-less request for any page that isn't the main entry page to your site, you start adding the session ID to the query string.


      I've always personally been a believer in the "have multiple ways of doing things and fallback on a backup method if the first method doesn't work", both in personal coding (sometimes some modules work on different platforms and sometimes they don't; sometimes you have a newer Perl, sometimes an older one; etc.) and on website-related things.

      Is anyone aware of any sites online that let the user choose between session-handling methods: between cookies, GET or POST?

Re: CGI Session question
by mda2 (Hermit) on Jun 13, 2005 at 02:38 UTC
    Magog describe a usual work arround CGI/Apache Session used on RT (Request Tracker), one Ticket System used to handle bugs on CPAN modules.

    One alternative, if you make a wrapper to autenticate all access is a PATH_INFO adds...

    Itīs a prototype idea, donīt checked syntax and correct ENV variables!

    Updated: Insert RTīs link

    Marco Antonio

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://465752]
Approved by ikegami
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (4)
As of 2020-08-11 21:29 GMT
Find Nodes?
    Voting Booth?
    Which rocket would you take to Mars?

    Results (63 votes). Check out past polls.