CGI session variables like in PHP
[1/9] from: carlos::lorenz::bol::com::br at: 7-Oct-2003 16:52
Hello list,
I'm just thinking about wich is the best way to handle
persistent words between HTML pages such as PHP does
with its session variables.
Any thoughts?
TIA
Carlos
[2/9] from: SunandaDH:aol at: 7-Oct-2003 16:18
Carlos:
> I'm just thinking about wich is the best way to handle
> persistent words between HTML pages such as PHP does
> with its session variables.
I don't know the *best* way, as HTTP is inherently stateless. But here are
two ideas:
1. If you have identified users (by setting a cookie), use the cookie as a
key to an object that holds the session variables for that user. This is what
REBOL.org does, and it seems to work.
2. If you don't have cookies, you can't identify users by IP address (those
with dynamic IP addresses may give you a different value for every click of
enter). So you are pretty much reduced to having a hidden field on every page.
Use that as the key to the session variables object.
This second method will leave you a lot of discarded session-variable objects
as there is no way a user can "log off". You'll want to run an occasional
cleanup routine to discard these.
To generate a unique key for a session or cookie, experiment with:
session-key: copy ""
error? try [append session-key to-tuple system/options/cgi/remote-addr]
append session-key now/precise
session-key: checksum/secure session-key
(the error? is for when you are testing locally, and may not be a cgi
program. remote-addr is the IP address).
Sunanda.
[3/9] from: rebol:techscribe at: 7-Oct-2003 14:10
Hi Carlos.
Create a session cookie with a unique, random name, and create a
temporary file server-side with the same name to hold the session
information, including session vaqriables.. That's how PHP does it
according to Julie Meloni writing for "Webmonkey"
(http://www.webmonkey.com) in her article "Authenticate and Track
Users with PHP". She writes:
>>>>>
a session is an ethereal blob that can hold all sorts of variables and
values. This blob of stuff, also known as a session object, has an
identification string. The identification string, such as
940f8b05a40d5119c030c9c7745aead9, is sent to the user via a cookie
called PHPSESSID. On the server side, a matching temporary file (think
of it as the physical representation of the session object) is created
with the same name (i.e., 940f8b05a40d5119c030c9c7745aead9).
Each session object has variables registered with it. Inside the session
file, on the server, the registered variables and their values are kept
safe and sound. Since these values and variables are not kept in a
database, no additional system resources are required
<<<<<
Hpe this helps.
Elan
Carlos Lorenz wrote:
[4/9] from: tim:johnsons-web at: 7-Oct-2003 13:05
* Carlos Lorenz <[carlos--lorenz--bol--com--br]> [031007 12:17]:
> Hello list,
>
> I'm just thinking about wich is the best way to handle
> persistent words between HTML pages such as PHP does
> with its session variables.
>
> Any thoughts?
Hi Carlos:
I use the following myself:
1)Store as input/type "hidden"
2)Pass info via path-info
3)store system/options/cgi/query-string
Also, using mysql and a table just for
handling sessions, with session ID
and system/options/query string
note==>> for the last, it is helpful
to make sure that the stored query string is
itself 'escaped' via sql protocols
tim
> TIA
>
> Carlos
>
> --
> To unsubscribe from this list, just send an email to
> [rebol-request--rebol--com] with unsubscribe as the subject.
--
Tim Johnson <[tim--johnsons-web--com]>
http://www.alaska-internet-solutions.com
http://www.johnsons-web.com
[5/9] from: carlos:lorenz:bol at: 8-Oct-2003 9:57
Sunanda,
Thank you for your ideas
Carlos
Em Ter 07 Out 2003 17:18, [SunandaDH--aol--com] escreveu:
[6/9] from: carlos:lorenz:bol at: 8-Oct-2003 10:00
Elan
This was a very good explanation about PHP session object :)
Carlos
Em Ter 07 Out 2003 18:10, Elan escreveu:
[7/9] from: carlos:lorenz:bol at: 8-Oct-2003 9:58
Thank you Tim
Carlos
[8/9] from: SunandaDH:aol at: 8-Oct-2003 12:41
Carlos
> Thank you for your ideas
thanks to you too.
I've cobbled together a working example of using cookies to hold session data
and put it in the Script Library:
http://www.rebol.org/cgi-bin/cgiwrap/rebol/view-script.r?script=cookie-example
.r
Most of the code has been hacked down from code used in the Script Library
itself, but I've left most of the "real world" issues in so you can see the
sorts of skips and jumps you may need.
You could use it as a starter template for the sort of functions you may need
to implement session variables.
It *seems* to work for me, but I may have broken something in the rapid
cutting and pasting to haul a load of carefully structured functions into one
source script.
Sunanda
Sunanda.
[9/9] from: carlos:lorenz:bol at: 8-Oct-2003 17:44
sunanda
Thank you very much again
this sample It is going to be very useful indeed
Carlos
Em Qua 08 Out 2003 13:41, [SunandaDH--aol--com] escreveu: