[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [help-cgicc] session how to, please explain
|
From: |
Alexander J. Oss |
|
Subject: |
Re: [help-cgicc] session how to, please explain |
|
Date: |
Wed, 13 Apr 2005 22:27:11 -0400 |
I've used cgicc and libodbc++ in conjunction to great effect using a
cookie-based session where session state is kept in a database. The code
below is used to retrieve the cookie, FWIW. HeapHolder is #defined as
boost::shared_ptr.
-----
const string cookieName("ProductStandardsSession");
class CookieHasName : public unary_function<HTTPCookie, bool>
{
const string &name;
public:
CookieHasName(const string &nameInit)
: name(nameInit)
{ }
bool operator()(const HTTPCookie &cookie)
{ return(cookie.getName() == name); }
};
HeapHolder<string> GetCookieValue(const Cgicc &cgicc)
{
vector<HTTPCookie> cookies(cgicc.getEnvironment().getCookieList());
vector<HTTPCookie>::iterator cookie = find_if(
cookies.begin(), cookies.end(), CookieHasName(cookieName));
HeapHolder<string> value;
if (cookie != cookies.end())
value.reset(new string(cookie->getValue()));
return(value);
}
----- Original Message -----
From: "Anthony Bouvier" <address@hidden>
To: <address@hidden>
Sent: Wednesday, April 13, 2005 8:46 PM
Subject: Re: [help-cgicc] session how to, please explain
On Apr 13, 2005, at 7:34 PM, Vlad D. Markov wrote:
> On Wed, 13 Apr 2005 12:54:06 -0400
> Anthony Bouvier <address@hidden> wrote:
>
> <snip>
>> I sent an example to the original questioner (and accidentally did
>> that
>> from an account not on the mailing list so my post didn't get to the
>> list .. at least until a mod lets it through). It gives him a rough
>> outline of how to handle sessions in conjunction with Cgicc. And its
>> not difficult at all.
>>
> It would be nice if you would share this simple method with the
> mailing list. I would much rather use cgicc with some sort of session
> mechanism than run something more demanding of computer resources like
> java or ruby.
Well, -I- think its simple. ;)
Here is what I sent:
<SNIP>
On Apr 12, 2005, at 7:31 PM, Vlad D. Markov wrote:
>
>
> There are other ways to track users but they are harder to implement
> in my opinion. Since its school, usually the hidden field mechanism
> gets a decent enough grade.
But -if- you want to get fancy, a nice way to do it is to use an RDBMS
to track session data. Just like Vlad mentions, session tracking is
certainly outside of the scope of Cgicc, but what many application
systems do is generate a unique key per visitor (say like a 32bit MD5
hash) that ties a user's experience to session data stored in a
database (lookup on the unique key, verify their data). You can pass
this key page to page in a cookie, or via a URL variable (in essence to
be parsed by Cgicc and handed to lookup methods). Such a URL would
look like:
http://www.yoursite.com/yourprogram.cgi?
session=bc591241c8c662e758b2b12c0f549f02
So, with Cgicc, you get the value passed by the URL variable 'session',
then hand that off to a method to lookup their data in the DB. If the
key is not in the DB, then their session does not exist and you send
them to the login page.
Short:
1) User Logs In
1a) Session Id is generated and saved in the DB with any other data
(say session preferences or something)
1b) Write the session id to a cookie, or keep passing it along in a
URL variable (like above)
2) Each page, get the session id passed (in 1b)
2a) Send the session id to a method to look it up in a DB
2b) If there, let them continue, if not there, send them to login"
</SNIP>
--
anthony bouvier
press ganger
http://privateerpress.com
_______________________________________________
help-cgicc mailing list
address@hidden
http://lists.gnu.org/mailman/listinfo/help-cgicc