|
Wouter van Marle
wouter at squirrel-systems.com
Tue May 10 12:20:43 EDT 2005
Hi all,
Jim and Graham: thank you for your advices, it now seems to work well.
The session is kept, even when calling functions in a different script,
which is great.
The reading of my persistent cookie is fixed, a stupid bug/typo on my
side (an always false statement so they would not get read, ever). Now
when starting a new session, the starting values are read from the
persistent cookie on the user's side, and this cookie is updated
properly as well.
Currently I do not use the "return apache.OK", instead just a return, as
"return apache.OK" results in an extra "0"(zero) at the end of the page!
I don't think that's supposed to be like that. It looks a bit silly to
me.
Wouter.
On Tue, 2005-05-10 at 11:44 -0400, Jim Gallacher wrote:
> Wouter van Marle wrote:
> > Thank you all for the advices, I'm going to try it tomorrow. At least it
> > gives me something to try out, and a bit better understanding of the
> > process. Unfortunately the documentation is pretty sparse there.
>
> I'm working on improving the documentation, so these kinds of
> discussions are useful to me as well.
>
> > Some more comments below on why reading a separate cookie:
> >
> >>call sess.save() before the end of your request as saving is not
> >>automatic. The other way you may get a new session for each request is
> >>if you start writing the response before the session is created. The
> >>session must be able to set a cookie in the response sent to the
> >>browser, and this is not possible if you've already started to send your
> >>reply.
> >>
> >
> > So I should call sess.save() before doing any psp run() or req.write(),
> > right? That is now not the case (I do the save at the very end of the
> > routine - after sending the page).
>
> No, it doesn't matter when you call sess.save(). The important step is
> in the creation of the session instance. The session cookie in the
> response header is set when the session instance is created. You must do
> this before sending any part of the page. For example:
>
> def good_requesthandler(req):
> # session handling will work
> req.content_type = "text/plain"
>
> # Create the session and implicitly set the session cookie
> # in the response header
> sess = Session.Session(req)
>
> # First call to req.write() sends the response headers
> # to the browser, which includes the session cookie, and
> # then writes the string.
> req.write("Hello World!")
> req.write("Goodbye world!")
>
> # Save the session data on the server
> sess.save()
> return apache.OK
>
>
> def bad_requesthandler(req):
> # session handling will not work
> req.content_type = "text/plain"
>
> # First call to req.write() sends the response headers to
> # the browser and then writes the string.
> req.write("Hello World!")
>
> # Creating the session instance generates a cookie, but
> # the response headers have already been sent as a result of
> # the previous req.write() call, so the the browser will never
> # receive the cookie.
> sess = Session.Session(req)
> req.write("Goodbye world!")
>
> # Save the session data on the server. The data is saved, but the
> # browser never received the cookie, so it really is not relevant.
> # As far as the browser is concerned the session data is gone.
> sess.save()
> return apache.OK
>
> >>I'm a little unclear why you are reading and writing the cookies,
> >>assuming you mean the session cookie.
> >>
> >
> > I think of using a separate cookie for persistent information (currently
> > set to 90 day expiry) against session which includes login info and is
> > to keep the user logged with a timeout of say 30 minutes. At the
> > beginning of the session (new session) I want to read that persistent
> > information to provide a somewhat personalised site. Currently that is
> > only the language and the username if known, though in future that may
> > be more.
>
> Ok. Then the problem you described with reading and writing cookies in
> an earlier message is unrelated to the session handling code. But the
> same idea applies. Make sure you set your cookie before any req.write()
> attempts.
>
> Regards,
> Jim
>
>
|