Solved

Sitewide cookie with CGI.pm?

Posted on 2003-11-19
4
297 Views
Last Modified: 2013-12-25
Been programming perl and doing web programming for years and years but never really mucked with cookies too much.

I have the following code:
$session->param(-domain =>      ".".$self->{domain});
$session->param("username", $username);
$session->param("userId", $userId);
$session->param("perms", $perms);
$session->expires(_IS_LOGGED_IN => '+2h');
my $cookie = $q->cookie($self->{sessionName} => $session->id);

(the $session object is from CGI::Session)

This sets a cookie for www.mydomain.com, stuff.mydomain.com, things.mydomain.com, etc.  But it doesn't set the cookie for simply mydomain.com.  I prefer to access the domain by just using mydomain.com.  But it won't recognize the cookie that way.  
The CGI.pm documentation states:
Domain names must contain at least two periods to prevent attempts to match on top level domains like ".edu".

So I couldn't set a cookie with -domain => "mydomain.com" to cover all urls under and including mydomain.com.  

How would I work around this?

Thanks for any help!
0
Comment
Question by:dbunder
  • 3
4 Comments
 

Accepted Solution

by:
Teh_Craze earned 50 total points
ID: 9939722
Why not just use CGI::Session and CGI::Cookie ?

If you use these two modules, it's secure enough, generates a unique session ID, that's stored on server, and in a cookie, then stores data in that session-id file on the server. So nothing is actually on the client side, except the cookie.

If you would like some more info on this method, please just ask, and I will post a script.
0
 
LVL 1

Author Comment

by:dbunder
ID: 9940442
Hmmmm I can't believe I never even thought to use CGI::Cookie.  I'll take a look at it tonight and let you know how it works out.
0
 
LVL 1

Author Comment

by:dbunder
ID: 9951084
It doesn't seem to work.  Simply, I'm doing this:

$cookie = new CGI::Cookie(-name=>param1 -value=>param2);
print header(-cookie=>$cookie);

to retrieve the cookie...
%cookies = fetch CGI::Cookie;
my val = $cookies{'cookieName'}->value

If I log in at http://example.com and then go to http://example.com/membersarea, I'm fine.  If I log in at http://example.com and go to http://www.example.com it doesn't see the cookie and kicks me back to the login page.  I checked my cookies after logging in with a cookie browser and the cookie is set at ".example.com" after I login at http://example.com.

Any other ideas?  I'd like users to be able to use whatever url they'd like.
0
 
LVL 1

Author Comment

by:dbunder
ID: 9951158
Nevermind.  I had to explicitly set the domain even though the CGI::Cookie docs say it'll choose the best value for the domain it wasn't working.  Working wonderfully now.  Thanks!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will focus on how to use WhizBase as a tool for sending ICQ messages to ICQ. Here I will use a new technology in WhizBase, published in WhizBase 5.1 version. In this tutorial I will use 3 files, pager.wbsp for the processing, e…
This article is meant to give a basic understanding of how to use R Sweave as a way to merge LaTeX and R code seamlessly into one presentable document.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now