[mod_python] Re: Cookie.py problems

Alberto Ruiz al at ruiz.ws
Fri Mar 31 21:21:27 EST 2006 

Correction, it should send the header: 'Set-Cookie:'

Is the problem due that I'm calling R.send_http_header() before
constructing the cookie? 

On Fri, 2006-03-31 at 19:11 -0700, Alberto Ruiz wrote:
> Something is wrong with the Cookie class because the web reply is not
> sending the cookie properly.  Am I doing something wrong? This setup was
> working fine on a Debian system.  It is now running on a FreeBSD.  I
> sniffed the web server reply and this is what am getting:
> 
> HTTP/1.1  200 OK.
> .Date: S at, 01 A
> pr 2006  01:30:21
> GMT..Se rver: Ap
> ache/1.3 .33 (Uni
> x) mod_p ython/2.
> 7.11 Pyt hon/2.4.
> 2 PHP/4. 4.2 mod_
> perl/1.2 9..Keep-
> Alive: t imeout=1
> 5, max=1 00..Conn
> ection:  Keep-Ali
> ve..Tran sfer-Enc
> oding: c hunked..
> Content- Type: te
> xt/html. ...62 ..
> userq=up date use
> r set SI D='EndNx
> nm0nnJEp Jtug4b2f
> WjusIDRV 3Kw' whe
> re name= 'lorim' 
> and pass word='12
> 3'..41 . .<head><
> meta htt p-equiv=
> 'refresh ' conten
> t='0;url =/BB.htm
> l'></hea d>..1  .
> . ..0... .      
> 
> So as you can see I'm getting a 62 and then some wierd text from a sql
> query and then the Cookie contents, as well as some other stuff.  But
> 'Cookie:' should be preappended to the cookie.  Here is a snippet of the
> code handling the cookie:
> 
> .....
> from mod_python import Cookie
> 
> def index (req,LLRuser='',LLRpw=''):
> 	global R; R=req; R.content_type="text/html"
> 	R.send_http_header()
> 	cur=DBconnectpropman.DB.cursor()
> 	sidrefreshing=0
> 	ZWF.R=R
> 	global SID;SID=''
> 	global UID;UID=''
> 	cookies = Cookie.get_cookies(R, Cookie.MarshalCookie,
> secret='LLR14151111')
> 	
> 	if LLRuser!='' and LLRpw!='':  # login attempt
> 		if string.find(LLRuser,"@")!=-1: #client login attempt
> 			cur.execute("select clientid,name,password from client where
> email='"+LLRuser+"'")
> 			userrs=cur.fetchone()
> 			if str(userrs)!='None':
> 				LLRuser=userrs[1]
> 				usertable='client'
> 		else:
> 			cur.execute("select * from user where name='"+LLRuser+"' and
> password='"+LLRpw+"'") 
> 			userrs=cur.fetchone()
> 			usertable='user'
> 		if str(userrs)!='None': #login success create session key, update user
> record, sett sid cookie
> 			SID=''
> 			for n in range(0,32):
> 				x=random.randint(48,108)
> 				if x>57:x+=8
> 				if x>90:x+=6
> 				SID+=chr(x)
> 			cookie = Cookie.Cookie('sid', SID); cookie.expires = time.time() +
> 36000; Cookie.add_cookie(R, cookie)
> 			q="update "+usertable+" set SID='"+SID+"' where name='"+LLRuser+"'
> and password='"+LLRpw+"'"
> 			R.write("userq="+q)
> 			cur.execute(q)
> 			R.write("<head><meta http-equiv='refresh'
> content='0;url=/BB.html'></head>")
> 			sidrefreshing=1
> 	if cookies.has_key('sid'):
> 		#we have a session id, is it valid?
> 		USER=ZWF.usercheck(R,cur)
> 		SID=USER.SID
> 		UID=USER.UID
> 		........
> 
> Let me know if you need any other info.
> 
> Can I use the regular python Cookie class instead?

More information about the Mod_python mailing list