Doubt about Session

[Valdeci Jr]

Hi Henri,

I'm using Session variable to store some informations of my
application. However, I found a problemn when I try to store more than
one object into the Session. By the example:

My Session variable have:
Session.S['user.id'] := "1";
Session.S['user.login'] := "xyz";

If I try to add the object:
Session.S['anotherObj.attribute'] := "value";

My Session store both objects correctly, here:

FResponse.S['Set-Cookie[]'] := COOKIE_NAME + '=' +
EncodeObject(FSession, pass) + '; path=/';

But in the next request the Session variable is empty, here:

obj := Request.AsObject['cookies'].AsObject[COOKIE_NAME];
case ObjectGetType(obj) of
stString: FSession := DecodeObject(obj.AsString,
pass); <<<<<<<<<<<<<
stArray: FSession := DecodeObject(obj.AsArray.S[0], pass);
else
FSession := TSuperObject.Create(stObject);
end;

I tested both encrypted objects and them are equals. The problem seens
happening on DecodeObject or EncodeObject.

You wrote in another post:

"Don't store too many things in the session variable,
it should be used to store states or references informations"

There are any limitation about Session or this is a bug?

[Henri Gourvest]

hi,

I am unable to reproduce your problem.

I need to know:

- The password used for encryption.

- The exact object value you try to store in Session.

You can also send me your source code in order to save time

The size limit for a cookie is 4096 bytes, it is defined in RFC.

The session objects are also compressed in the cookie.

Henri

2010/2/6 Valdeci Jr <vocj...@gmail.com>

[Valdeci Jr]

Hi Henri,

sorry for late response. Follow below what you ask:

PassPhrase:

function THTTPConnexion.GetPassPhrase: AnsiString;
const
PASS_PHRASE: AnsiString =
'dc62rtd6fc14ss6df464c2s3s3rt324h14vh27d3fc321h2vfghv312';
begin
Result := PASS_PHRASE;
end;

This object already exists in Session:

{"user":
{"istemp":false,"codigo":"1","senha":"123456","tipo":"1","chave":"ABCDEF"}}

I add this object:

{"paciente":{"codigo":"1"}}

In the time of the code below is executed:

FResponse.S['Set-Cookie[]'] := COOKIE_NAME + '=' +
EncodeObject(FSession, pass) + '; path=/';

The value of FSession is:

{"paciente":{"codigo":"1"},"user":
{"istemp":false,"codigo":"1","senha":"123456","tipo":"1","chave":"ABCDEF"}}

However, in the next request, when I try to get the Session value,
it's empty.

I think this is enough. I solved my problemn using the property of
second object in first object:

{"user":{"paciente":
"1","istemp":false,"codigo":"1","senha":"123456","tipo":"1","chave":"ABCDEF"}}

But, if I try to add more than one object in the session the problem
happens.

On 6 fev, 18:19, Henri Gourvest <hgourv...@gmail.com> wrote:
> hi,
>
> I am unable to reproduce your problem.
> I need to know:
> - The password used for encryption.
> - The exact object value you try to store in Session.
>
> You can also send me your source code in order to save time
>
> The size limit for a cookie is 4096 bytes, it is defined in RFC.
> The session objects are also compressed in the cookie.
>
> Henri
>

> 2010/2/6 Valdeci Jr <vocjun...@gmail.com>

[Henri Gourvest]

Thank you for these explanations, 

it allowed me to reproduce the bug and fix it.

The problem occurred during decryption in a rare condition.

Regards

Henri

2010/2/8 Valdeci Jr <vocj...@gmail.com>

[mrbar2000]

thanks henri,

I and Valdeci working in same company, we are doing an application
with DOR, we are impressed, very good work!
When you fix this little problem please let us know

thanks

[Henri Gourvest]

Thank you, your feedback is important to me !

I forgot to say that I already commited the fix, just update your SVN.

Henri

2010/2/8 mrbar2000 <mrba...@gmail.com>