raptor wrote:
>
> hi,
>
> Is there Session module that has capability more like ASP::Session
> rather than Apache::Session.(I mean hanlidng the cookies too, Joshua is
> it easy to extract Session functionality from ASP as a standalone module
> :")).
> OR
> what mostly the MASON people use to handle Sessions.
>
There is no nice way to lift the Apache::ASP::Session
out of the ASP framework, since the event handling is
all held outside of the module. If you want the $Session
without the events, just use Apache::Session. Below is
some init code that may help with your cookie issues, but
you will have to undo the ASP dependent code obvi.
I don't know how using Apache::Session plugs into Mason
to make the $Session available in any script, but if
you have a pre-content handler init the Session, you could
set $main::Session, and have that available from anywhere
in perl.
-- Joshua
_________________________________________________________________
Joshua Chamas Chamas Enterprises Inc.
NodeWorks >> free web link monitoring Huntington Beach, CA USA
http://www.nodeworks.com 1-714-625-4051
## use Secret to generate your MD5 hexhash
$MD5 = new MD5();
sub Secret {
my $self = shift;
my $md5 = $Apache::ASP::MD5;
$md5->reset;
$md5->add($self . $self->{remote_ip} . rand() . time() .
$md5 . $self->{global} . $self->{'r'} . $self->{'mtime'});
$md5->hexdigest();
}
# combo get / set
$SessionCookieName = 'session-id';
$SessionIDLength = 32;
sub SessionId {
my($self, $id) = @_;
if($id) {
$self->{session_id} = $id;
my $secure = $self->{secure_session} ? '; secure' : '';
$self->{r}->header_out
('Set-Cookie',
"$Apache::ASP::SessionCookieName=$id; path=$self->{cookie_path}".$secure
);
} else {
# if we have already parsed it out, return now
# quick session_id caching, mostly for use with
# cookie less url building
$self->{session_id} && return $self->{session_id};
my $cookie = $self->{r}->header_in("Cookie") || '';
my(@parts) = split(/\;\s*/, $cookie);
for(@parts) {
my($name, $value) = split(/\=/, $_, 2);
if($name eq $SessionCookieName) {
$id = $value;
$self->{dbg} && $self->Debug("session id from cookie: $id");
last;
}
}
if(! $id && $self->{session_url}) {
$id = delete $self->{Request}{QueryString}{$SessionCookieName};
# if there was more than one session id in the query string, then just
# take the first one
ref($id) =~ /ARRAY/ and ($id) = @$id;
$id && $self->{dbg} && $self->Debug("session id from query string: $id");
}
# SANTIZE the id against hacking
if($id) {
if(length($id) == $SessionIDLength and $id =~ /^[0-9a-z]+$/) {
$self->{session_id} = $id;
} else {
$self->Log("passed in session id $id failed checks sanity checks");
$id = undef;
}
}
if($id) {
$self->{session_id} = $id;
}
}
$id;
}
