On Thursday, April 25, 2002, at 12:15 PM, Mat Harrison wrote:
> also, what is the best way to include the cookie-checker in the restricted > pages, ExecCGI or IncludeVirtual? i use CGI::Cookie in a package of my subroutines. I put 'use utils;' and call the checking subroutine at start of each of my cgi files. > -----Original Message----- > From: bob ackerman [mailto:[EMAIL PROTECTED]] > Sent: Thursday, April 25, 2002 7:26 PM > To: [EMAIL PROTECTED] > Subject: Re: authentication and user management > > > > On Thursday, April 25, 2002, at 10:58 AM, Mat Harrison wrote: > >> i am building a perl/cookie members system for my site using SSI to check >> if >> a cookie is present (set at login), if not, to redirect to an error page. >> This is my plan: >> >> >> 1. login page. check that the username and password match that in the >> database. >> 2. if yes then set a cookie with the users's ID from the database >> 3. when the restricted page is called then the script attempts to >> retrieve >> the cookie. >> >> How do i say if ($cookievalue eq "" || cookie does not exist){ >> redirect to an error page >> } >> >> I know how to retrieve a cookie and redirect but how do i get the script >> to >> tell the difference between an incorrect cookie value (one that doesn't >> match any IDs in the database) and no cookie at all. > > when you ask for a cookie for a given key, if it doesn't exist it will be > empty. > as in code above. I don't think you want to worry about the cookie > existing with an empty value. > That wouldn't be a valid login. > Then if the cookie exists, you could do a db query to make sure the id is > actually in the database. > >> If anyone can suggest anything about the cookies or any tips on this >> subject >> in general please help >> >> Thanks in Advance >> >> -- >> Matthew Harrison >> Webmaster >> www.genestate.com >> [EMAIL PROTECTED] > > > -- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
