cookie sending problem

Wed, 21 Jul 2004 13:29:56 -0700 

I've looked through the archive and found people with a similar problem,
but I have not found any of the suggested solutions to work so...

I have a login page that successfully logs me in, and sends a cookie (
by setting $udat{uid} ) However, when the cookie expires, I cannot log
in again. After some looking around I noticed two things:

1) After the cookie expires, the session_id does not get removed from
the DB (MySQL)

2) When I try to login again, a new session_id is generated, and put in
the DB, but no cookie is sent. So I get my  "login good" page, but as
soon as I try to go somewhere else I get dumped out due to no
authentication.


I am sure more detail is needed, hopefully this will be a start:
 
Embperl: 2.0b
mod_perl: 1.99_07 (at least that is the rpm info)
apache: 2.0.40
RedHat 9

some httpd.conf stuff:

PerlSetEnv EMBPERL_COOKIE_NAME myname
PerlSetEnv  EMBPERL_COOKIE_EXPIRES +10s <-----for testing
PerlSetEnv EMBPERL_COOKIE_PATH /
PerlSetEnv COOKIE_DOMAIN localhost <---------for testing
PerlSetEnv EMBPERL_LOG /var/log/embperl.log
PerlSetEnv EMBPERL_SESSION_CLASSES "MySQL Semaphore"




#---------------------------------------------------------------------
login.epl:

[$ if %fdat $] 
[-  # code to check password and username
    $udat{uid}= $user->{uid}; -]
[$ if $udat{uid} $]
    <P>Logged in!</P>
...

#---------------------------------------------------------------------

to check for the user this is on top of pages that need authentication:
[- Execute ('require-login.epl')-]


#---------------------------------------------------------------------
here is require-login.epl:

[$ if $udat{uid} $]
    <P> You are logged in as user [+ $udat{uid} +]</P>
[$ else $]
    [-  $r = shift;
        $r->DeleteSession; -]
    [-  $http_headers_out{'Location'} = 
             http://localhost:8080/notel/login-fail.html"; -] 
[$ endif $]

#---------------------------------------------------------------------


Many thanks, 
Eric Freed


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to