[mod_python] Re: Cookie.py problems

Graham Dumpleton grahamd at dscpl.com.au
Fri Mar 31 22:46:30 EST 2006


On 01/04/2006, at 12:21 PM, Alberto Ruiz wrote:

> Correction, it should send the header: 'Set-Cookie:'
>
> Is the problem due that I'm calling R.send_http_header() before
> constructing the cookie?

Yes.

Cookie must be done before send_http_header and before
anything content is written back for the response.

In short, anything which generates headers has to be done
first.

> On Fri, 2006-03-31 at 19:11 -0700, Alberto Ruiz wrote:
>> Something is wrong with the Cookie class because the web reply is not
>> sending the cookie properly.  Am I doing something wrong? This  
>> setup was
>> working fine on a Debian system.  It is now running on a FreeBSD.  I
>> sniffed the web server reply and this is what am getting:
>>
>> HTTP/1.1  200 OK.
>> .Date: S at, 01 A
>> pr 2006  01:30:21
>> GMT..Se rver: Ap
>> ache/1.3 .33 (Uni
>> x) mod_p ython/2.
>> 7.11 Pyt hon/2.4.
>> 2 PHP/4. 4.2 mod_
>> perl/1.2 9..Keep-
>> Alive: t imeout=1
>> 5, max=1 00..Conn
>> ection:  Keep-Ali
>> ve..Tran sfer-Enc
>> oding: c hunked..
>> Content- Type: te
>> xt/html. ...62 ..
>> userq=up date use
>> r set SI D='EndNx
>> nm0nnJEp Jtug4b2f
>> WjusIDRV 3Kw' whe
>> re name= 'lorim'
>> and pass word='12
>> 3'..41 . .<head><
>> meta htt p-equiv=
>> 'refresh ' conten
>> t='0;url =/BB.htm
>> l'></hea d>..1  .
>> . ..0... .
>>
>> So as you can see I'm getting a 62 and then some wierd text from a  
>> sql
>> query and then the Cookie contents, as well as some other stuff.  But
>> 'Cookie:' should be preappended to the cookie.  Here is a snippet  
>> of the
>> code handling the cookie:
>>
>> .....
>> from mod_python import Cookie
>>
>> def index (req,LLRuser='',LLRpw=''):
>> 	global R; R=req; R.content_type="text/html"
>> 	R.send_http_header()
>> 	cur=DBconnectpropman.DB.cursor()
>> 	sidrefreshing=0
>> 	ZWF.R=R
>> 	global SID;SID=''
>> 	global UID;UID=''
>> 	cookies = Cookie.get_cookies(R, Cookie.MarshalCookie,
>> secret='LLR14151111')
>> 	
>> 	if LLRuser!='' and LLRpw!='':  # login attempt
>> 		if string.find(LLRuser,"@")!=-1: #client login attempt
>> 			cur.execute("select clientid,name,password from client where
>> email='"+LLRuser+"'")
>> 			userrs=cur.fetchone()
>> 			if str(userrs)!='None':
>> 				LLRuser=userrs[1]
>> 				usertable='client'
>> 		else:
>> 			cur.execute("select * from user where name='"+LLRuser+"' and
>> password='"+LLRpw+"'")
>> 			userrs=cur.fetchone()
>> 			usertable='user'
>> 		if str(userrs)!='None': #login success create session key,  
>> update user
>> record, sett sid cookie
>> 			SID=''
>> 			for n in range(0,32):
>> 				x=random.randint(48,108)
>> 				if x>57:x+=8
>> 				if x>90:x+=6
>> 				SID+=chr(x)
>> 			cookie = Cookie.Cookie('sid', SID); cookie.expires = time.time() +
>> 36000; Cookie.add_cookie(R, cookie)
>> 			q="update "+usertable+" set SID='"+SID+"' where name='"+LLRuser+"'
>> and password='"+LLRpw+"'"
>> 			R.write("userq="+q)
>> 			cur.execute(q)
>> 			R.write("<head><meta http-equiv='refresh'
>> content='0;url=/BB.html'></head>")
>> 			sidrefreshing=1
>> 	if cookies.has_key('sid'):
>> 		#we have a session id, is it valid?
>> 		USER=ZWF.usercheck(R,cur)
>> 		SID=USER.SID
>> 		UID=USER.UID
>> 		........
>>
>> Let me know if you need any other info.
>>
>> Can I use the regular python Cookie class instead?
>
> _______________________________________________
> Mod_python mailing list
> Mod_python at modpython.org
> http://mailman.modpython.org/mailman/listinfo/mod_python



More information about the Mod_python mailing list