如何在 cgi-perl 中删除会话? [英] How to delete a session in cgi-perl?
问题描述
我有一个 perl-cgi 脚本,我试图通过它登录.
当用户名和密码有效时,我创建一个会话并将 cookie 重定向到另一个页面.
但是,在会话过期后(我设置了过期时间),在这种情况下,我没有看到它从/tmp/sessions 文件夹中删除.我也用这个命令删除了会话.
一旦会话过期,有人可以帮我删除会话吗?另外,一旦会话被删除,cookie 是否会过期?
使用 CGI::Session;使用 CGI::Session::Tutorial;使用 CGI::Session::Driver::file;使用 CGI::Cookie;my $session = new CGI::Session("driver:File", undef, {Directory=>"/tmp/sessions"});我的 $sid = $session->id();#my $cookie = $query->cookie(CGISESSID => $session->id);我的 $cookie = $query->cookie(-name=>"CGISESSID",-value=>$session->id,-domain=>'abc.com',-expires=>"+5m",-path=>"/");打印 $query->redirect(-uri => 'http://abc.cgi', -cookie => $cookie);$session->param("用户名", $loginUserName);$query->hidden( '用户名', $loginUserName );$session->expire("用户名",'1m');$session->expire('+5m');$session->delete();为了避免与 ->delete 混淆,我将使用remove"代替删除"是指从存储中删除会话.
一旦会话过期,有人可以帮我删除吗?
会话到期时不会发生删除.这将需要一个持续运行的过程.此外,CGI::Session 绝不会扫描过期会话的存储;这将花费太长时间,因为它需要加载每个会话.相反,CGI::Session 只会在您尝试加载它们时删除过期的会话.
#!/usr/bin/perl使用严格;使用警告 qw( all );使用特征 qw( say );使用 CGI::Session qw();使用 CGI::Session::Driver::file qw();我的 $session_id;# 这代表浏览器的cookie.# 这些代表浏览器发出的请求.对于我的 $request_num (1..3) {my $session = CGI::Session->new("driver:file", $session_id, { Directory => "/tmp/sessions" });$session->expire("1s");$session_id = $session->id;# 这代表设置浏览器的cookie.说$request_num:",$session->id;说 "$request_num: ", $session->param("foo")//"[undef]";$session->param("foo" => "bar");# 这表示在第三次请求之前经过的时间.如果($request_num == 2){说让会话过期...";睡眠(2);}}输出:
$ ./a1:c57ab28952c6ed422c15f1a223f4b45d1:[未定义]2:c57ab28952c6ed422c15f1a223f4b45d2:酒吧让会话过期...3:df8ba3b66f23a9a2a652520fa6b4c30b3:[未定义]$ ls -1/tmp/sessionscgisess_df8ba3b66f23a9a2a652520fa6b4c30b如果您想防止文件在您的驱动器上堆积,请创建一个删除旧文件的 cron 作业.
find/tmp/sessions -mindepth 1 -maxdepth 1 -mtime 7 -delete<小时><块引用>
此外,一旦会话被删除,cookie 是否会过期?
不,cookie 会在您告诉它过期时过期.问题是,浏览器的 cookie 是否过期并不重要.对于new的第二个参数,传递undef,传递已删除会话的id和传递过期会话的id没有区别;在所有三种情况下,您都会获得一个新会话.如果有的话,最好不要在会话过期后立即过期,因为这允许删除会话(如上所示).
如何在 cgi-perl 中删除会话?
$session->delete 确实是要走的路,但实际删除只会在您保存(刷新)会话时发生.
$session->delete();$session->flush();# 或者让 `$session` 被销毁.I have a perl-cgi script through which I am trying to log in.
When the UserName and password are valid, I create a session and redirect a cookie to another page.
However, after the session expires(I have set the expiration time), I do not see it get deleted from the /tmp/sessions folder in this case. I have used the command to delete the session as well.
Can someone help me to delete the session once it expires? Also, does the cookie expire once the session is deleted?
use CGI::Session;
use CGI::Session::Tutorial;
use CGI::Session::Driver::file;
use CGI::Cookie;
my $session = new CGI::Session("driver:File", undef, {Directory=>"/tmp/sessions"});
my $sid = $session->id();
#my $cookie = $query->cookie(CGISESSID => $session->id);
my $cookie = $query->cookie(-name=>"CGISESSID",
-value=>$session->id,
-domain=>'abc.com',
-expires=>"+5m",
-path=>"/");
print $query->redirect(-uri => 'http://abc.cgi', -cookie => $cookie);
$session->param("UserName", $loginUserName);
$query->hidden( 'UserName', $loginUserName );
$session->expire("UserName",'1m');
$session->expire('+5m');
$session->delete();
To avoid confusion with ->delete, I'm going to use the word "remove" instead of "delete" to refer to the removal of the session from storage.
Can someone help me to delete the session once it expires?
The removal doesn't happen when the session expires. That would require having a continually running process. Furthermore, at no point does CGI::Session scan storage for expired sessions; that would take too long since it would require loading each and every session. Instead, CGI::Session only removes expired sessions when you try to load them.
#!/usr/bin/perl
use strict;
use warnings qw( all );
use feature qw( say );
use CGI::Session qw( );
use CGI::Session::Driver::file qw( );
my $session_id; # This represents the browser's cookie.
# These represent requests made the by the browser.
for my $request_num (1..3) {
my $session = CGI::Session->new("driver:file", $session_id, { Directory => "/tmp/sessions" });
$session->expire("1s");
$session_id = $session->id; # This represents setting the browser's cookie.
say "$request_num: ", $session->id;
say "$request_num: ", $session->param("foo") // "[undef]";
$session->param("foo" => "bar");
# This represents time passing by before the third request.
if ($request_num == 2) {
say "Letting session expire...";
sleep(2);
}
}
Output:
$ ./a
1: c57ab28952c6ed422c15f1a223f4b45d
1: [undef]
2: c57ab28952c6ed422c15f1a223f4b45d
2: bar
Letting session expire...
3: df8ba3b66f23a9a2a652520fa6b4c30b
3: [undef]
$ ls -1 /tmp/sessions
cgisess_df8ba3b66f23a9a2a652520fa6b4c30b
If you want to prevent files from accumulating on your drive, create a cron job that deletes old files.
find /tmp/sessions -mindepth 1 -maxdepth 1 -mtime 7 -delete
Also, does the cookie expire once the session is deleted?
No, the cookie expires when you tell it to expire. The thing is, it doesn't matter if the browser's cookie expires or not. For the second argument of new, there's no difference between passing undef, passing the id of a deleted session and passing the id of an expired session; you'll get a new session in all three cases. If anything, it's actually better if it doesn't expire as soon as the session expires because this allows the session to be removed (as demonstrated above).
How to delete a session in cgi-perl?
$session->delete is indeed the way to go, but the actual removal only happens when you would save (flush) the session.
$session->delete();
$session->flush(); # Or let `$session` get destroyed.
这篇关于如何在 cgi-perl 中删除会话?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
