Session retrieving data

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


I currently 've a trouble when I try to read stored session data.

The $session->param("user_name") return an error can't call method param
  on an undefined value

Any idea ?

here is my code :

#!perl -w
use CGI qw(:standard);
use Switch;
use Digest::MD5 qw(md5_hex);
use CGI::Session qw/-ip-match/;

my $query ;

execute ();

sub execute {
$query = new CGI ;
     my $action = $query->param('action');
     if ($action) {
    switch ($action) {
        case "login" {
        case "test" {

sub login {
     $session = new CGI::Session ("driver:File", undef, {Directory =>
'C:/sessions' }) if (!$session);
     $session->param("user_name2", "alexj");
     print "Content-type: text/html\n\n";

sub test {
     my $test = $session->param("user_name2");
     print "Content-type: text/html\n\n";
     print "$test";

Re: Session retrieving data

On 2005-05-30, Alexandre Jaquet scribbled these
curious markings:
Quoted text here. Click to load it

You get points for posting code and an error message (although a line
number for the error would have been appreciated), but see below.

Quoted text here. Click to load it

No strict? And unless you're using an ancient version of perl (before
5.6.0 or so), "use warnings" is the preferred method of enabling

Quoted text here. Click to load it

.... and this but no taint checking? Ouch.

Quoted text here. Click to load it

It's generally better to declare a variable and immediately give it a
value, rather than distancing the declaration from the definition. Perl
is not like C where you have to start your functions with five-ten lines
of variable declarations. Thus:

my $query = new CGI;

Quoted text here. Click to load it

It's generally a good idea to handle unexpected CGI parameters
gracefully. If $action !~ /login|test/, it seems like you won't be
sending anything to the user whatsoever. I'm no expert on CGI, but I
imagine that the result won't be pretty.

Quoted text here. Click to load it

Where's the error checking? The error message that you've described
above stems from the fact that for some reason or another,
CGI::Session's sub new (remember, in Perl, the "constructor" for an
object is a subroutine just like any other) returns undef. Maybe a typo
in your code, maybe some nefarious ancillary process moving things
around unknown to you. To quote Doug Linder: "A good programmer is
someone who looks both ways before crossing a one-way street." Wise
words indeed; some of the wisest I've read.

Quoted text here. Click to load it

Nitpickery: It seems that you're sending a content type of text/html,
yet you send plain text (unless the user_name2 CGI parameter is valid
HTML ... /me scratches head). Also, if you're doing CGI programming (and
are already using CGI and CGI::Session), why not just use the
appropriate methods in the CGI / CGI::Session classes for handling stuff
like content-type? They handle the double \n processing and all for you.
One typo and you can spend hours scratching your head and pulling out
your hair in search of a bug in every other part of your code. You'd be
correct in guessing that I speak from experience. It's a little silly,
IMO, to bring in large modules like CGI but not use their methods. If
you don't know they exist, that's okay. That's why probably has
the most POD documentation of any module in Perl's standard library.

One final thing: you don't need to double-quote a scalar if you're just
going to print the scalar itself. You're asking Perl to go through all
the hard work of scanning the double-quoted string for values that it
can interpolate and process, and then you only give it something that it
could print without any of that hard interpolation work. Go easy on
Perl; she's not as young as she used to be. :) ... and it's less typing
and thinking for you, too!

Best Regards,
Christopher Nehren
I abhor a system designed for the "user", if that word is a coded
pejorative meaning "stupid and unsophisticated". -- Ken Thompson
If you ask the wrong people questions, you get "Joel on Software".
Unix is user friendly. However, it isn't idiot friendly.

Re: Session retrieving data

Alexandre Jaquet a écrit :
Quoted text here. Click to load it

finally I' do in test function a file open and then get stored values,
but I'm not sure if it's the best method

Re: Session retrieving data

Alexandre Jaquet a écrit :
Quoted text here. Click to load it

another question is when I want to use MySQL for storing session datas

how can do to save my data's I was thinking we can use
    $SESSION->param(-name=>'user_name', -value=>$username);
doe's I've to write a complete sql query to store my values ?

sub login {
#more code here
     if ($user_name && $user_password) {      
    $CGI::Session::MySQL::TABLE_NAME = 'session';
    my $SESSION = new CGI::Session(
    $SESSION->param(-name=>'user_name', -value=>$username);

#more code here

thanks :)

Re: Session retrieving data

* Alexandre Jaquet schrieb:
Quoted text here. Click to load it

Why do you use Digest::MD5?

Quoted text here. Click to load it

Exemplary in using this -ip-match-switch. But not since you forget to
use strict. I know you have already subscribed to this newsgroup for a
longer time. Didn't you heard about using that always?

Quoted text here. Click to load it

declaring vars unless you want to assign them a value, didn't I? Change
this line to

    my $query = new CGI;
to make *you* (and your session handling) happy.

Quoted text here. Click to load it

As a result, this line should be deleted without replacement.

Quoted text here. Click to load it

When your script is called with param "action=login" you assign a new
session object to $session (in login() below). But what happens in the
other case? Right, you simply call test() and do not initialize your
session object. Let's go fixing that.

Quoted text here. Click to load it

Since you're using strict (I hope you do it now) you have to declare all
your vars, e.g. with my(). Hence you have to write

    my $session = new CGI::Session( "driver:File", undef,
                                    {Directory => 'C:/sessions' } );

You see, there's no need to ask if $session is already true since we
declare it here. Before, $session doesn't exists, so it cannot be true.

Quoted text here. Click to load it

This is not the HTTP header you want to print. You have to send the
session id back to the client. In case you want to use cookies, you have
to do something like

    print $session->header();

Quoted text here. Click to load it

Here you need to get a session object first. But if you do it the same
way as in login() you creates a new (and consequently empty) session
object. So, how to get the one created above? According to the docs you
have to set the second param (session id) of method new. Right, due to
calling $session->header() above you could easily use your CGI-object
$query to do this. CGI::Session is implicitly fetching the session id
from the CGI object for you.

    my $session = new CGI::Session( "driver:File", $query,
                                    {Directory => 'C:/sessions' } );

Quoted text here. Click to load it

Please avoid to print the HTTP header manually. Use always CGI::header()
instead, or in case you work with CGI::Session use its header() method
like above.

Quoted text here. Click to load it

That's absolutely not the intent of CGI::Session. To work efficiently
with it you have to know much more about this technique. Please do not
continue unless you have read the documentation, esp. the tutorial
shipped with the module. Give it a shot!


Site Timeline