[AOLSERVER] cookie problem
Xavier Bourguignon
I have an adp file called index.adp, you can see its code below.
My problem is that when I log in successfuly, the page still displays
as if I was not logged in. I have to refresh the page for it to see
that there is a cookie set. I am obviously doing something wrong, that
is why I have included the index.adp code below.
I haven't bothered including the tcl code, but I have added comments
like this "###" to let you know what each call does.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<%
set datetime [clock format [clock seconds] -format "%A %B %d %H:%M:%S"]
### This procedure gets the form arguments and if they are not empty, it checks
### the database to see if this user and password combination is correct.
### This proc on successful login, sets a cookie with the username as
its value.
set login [gsa_login::login]
%>
<html>
<head>
<%
### This proc check a cookie to see if it exists. If it does, it
gets the value
### which is the username
set user [utils::current_cookie_user "GSAdminLogin"]
%>
<title>Admin Index<%if {$user != "Unknown"} {ns_adp_puts " - $user"}%></TITLE>
<link rel="stylesheet" type="text/css" href="../css/admin_style.css" />
</head>
<body>
<!-- Left menu start -->
<div id="navigation">
<%ns_adp_include ./adp/menu.adp%>
</div>
<!-- Left menu end -->
<!-- Main content start -->
<div id="content">
<%if {$user == "Unknown"} {%>
Please log into the system to continue
<br>
<br>
<form action="index.adp" method="get">
<fieldset class="login">
<legend class="normal">Login</legend>
<table>
<tr>
<td><label for="username">Username: </label></td>
<td><input type="text" name="username" id="username" /></td>
</tr>
<tr>
<td><label for="password">Password: </label></td>
<td><input type="password" name="password" id="password"/></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value="Submit" /></td>
</tr>
</fieldset>
</form>
<%} else {
ns_adp_puts $datetime
}%>
</div>
<!-- Main content end -->
</body>
</html>
Can you let me know what could be wrong?
Thank you
--
Xavier Bourguignon
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <list...@listserv.aol.com> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
Dossy Shiobara
> I haven't bothered including the tcl code, but I have added comments
> like this "###" to let you know what each call does.
> ### This procedure gets the form arguments and if they are not empty, it checks
> ### the database to see if this user and password combination is correct.
> ### This proc on successful login, sets a cookie with the username as
> its value.
> set login [gsa_login::login]
> ### This proc check a cookie to see if it exists. If it does, it
> gets the value
> ### which is the username
> set user [utils::current_cookie_user "GSAdminLogin"]
> Can you let me know what could be wrong?
In order to help you, we need to see the actual code that sets and gets
the cookie. That is almost definitely where your problem is.
Also, keep in mind that if you try to set and read a cookie in _the same
request_, it likely won't work the way you expect. The way cookies work
in the browser is you send a Set-Cookie: in one HTTP response, and in
subsequent HTTP requests from the browser, it sends a Cookie: header.
If you Set-Cookie: at the start of your page then try to read the
Cookie: header in the same request ... you won't get it, obviously,
since the request didn't include a Cookie: header from the browser--you
only set it it in this very request, so how could the browser have sent
it to you, right?
This is where you might want to consider following Set-Cookie: with a
redirect, so that the browser makes a new request that would include the
Cookie: header.
--
Dossy Shiobara | do...@panoptic.com | http://dossy.org/
Panoptic Computer Network | http://panoptic.com/
"He realized the fastest way to change is to laugh at your own
folly -- then you can let go and quickly move on." (p. 70)
Xavier Bourguignon
the same request, and that is why it cannot see it.
Thank you
--
Xavier Bourguignon