|
Graham Dumpleton
grahamd at dscpl.com.au
Fri Mar 31 22:46:30 EST 2006
On 01/04/2006, at 12:21 PM, Alberto Ruiz wrote:
> Correction, it should send the header: 'Set-Cookie:'
>
> Is the problem due that I'm calling R.send_http_header() before
> constructing the cookie?
Yes.
Cookie must be done before send_http_header and before
anything content is written back for the response.
In short, anything which generates headers has to be done
first.
> On Fri, 2006-03-31 at 19:11 -0700, Alberto Ruiz wrote:
>> Something is wrong with the Cookie class because the web reply is not
>> sending the cookie properly. Am I doing something wrong? This
>> setup was
>> working fine on a Debian system. It is now running on a FreeBSD. I
>> sniffed the web server reply and this is what am getting:
>>
>> HTTP/1.1 200 OK.
>> .Date: S at, 01 A
>> pr 2006 01:30:21
>> GMT..Se rver: Ap
>> ache/1.3 .33 (Uni
>> x) mod_p ython/2.
>> 7.11 Pyt hon/2.4.
>> 2 PHP/4. 4.2 mod_
>> perl/1.2 9..Keep-
>> Alive: t imeout=1
>> 5, max=1 00..Conn
>> ection: Keep-Ali
>> ve..Tran sfer-Enc
>> oding: c hunked..
>> Content- Type: te
>> xt/html. ...62 ..
>> userq=up date use
>> r set SI D='EndNx
>> nm0nnJEp Jtug4b2f
>> WjusIDRV 3Kw' whe
>> re name= 'lorim'
>> and pass word='12
>> 3'..41 . .<head><
>> meta htt p-equiv=
>> 'refresh ' conten
>> t='0;url =/BB.htm
>> l'></hea d>..1 .
>> . ..0... .
>>
>> So as you can see I'm getting a 62 and then some wierd text from a
>> sql
>> query and then the Cookie contents, as well as some other stuff. But
>> 'Cookie:' should be preappended to the cookie. Here is a snippet
>> of the
>> code handling the cookie:
>>
>> .....
>> from mod_python import Cookie
>>
>> def index (req,LLRuser='',LLRpw=''):
>> global R; R=req; R.content_type="text/html"
>> R.send_http_header()
>> cur=DBconnectpropman.DB.cursor()
>> sidrefreshing=0
>> ZWF.R=R
>> global SID;SID=''
>> global UID;UID=''
>> cookies = Cookie.get_cookies(R, Cookie.MarshalCookie,
>> secret='LLR14151111')
>>
>> if LLRuser!='' and LLRpw!='': # login attempt
>> if string.find(LLRuser,"@")!=-1: #client login attempt
>> cur.execute("select clientid,name,password from client where
>> email='"+LLRuser+"'")
>> userrs=cur.fetchone()
>> if str(userrs)!='None':
>> LLRuser=userrs[1]
>> usertable='client'
>> else:
>> cur.execute("select * from user where name='"+LLRuser+"' and
>> password='"+LLRpw+"'")
>> userrs=cur.fetchone()
>> usertable='user'
>> if str(userrs)!='None': #login success create session key,
>> update user
>> record, sett sid cookie
>> SID=''
>> for n in range(0,32):
>> x=random.randint(48,108)
>> if x>57:x+=8
>> if x>90:x+=6
>> SID+=chr(x)
>> cookie = Cookie.Cookie('sid', SID); cookie.expires = time.time() +
>> 36000; Cookie.add_cookie(R, cookie)
>> q="update "+usertable+" set SID='"+SID+"' where name='"+LLRuser+"'
>> and password='"+LLRpw+"'"
>> R.write("userq="+q)
>> cur.execute(q)
>> R.write("<head><meta http-equiv='refresh'
>> content='0;url=/BB.html'></head>")
>> sidrefreshing=1
>> if cookies.has_key('sid'):
>> #we have a session id, is it valid?
>> USER=ZWF.usercheck(R,cur)
>> SID=USER.SID
>> UID=USER.UID
>> ........
>>
>> Let me know if you need any other info.
>>
>> Can I use the regular python Cookie class instead?
>
> _______________________________________________
> Mod_python mailing list
> Mod_python at modpython.org
> http://mailman.modpython.org/mailman/listinfo/mod_python
|