NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.
All the Perl that's Practical to Extract and Report
an endless discussion thread about what features to include.
-- Jarkko Hietaniemi
Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.
A few guesses (Score:2)
Re:A few guesses (Score:1)
$self->param("message", "Please enter a valid username and password combination.")
unless $self->session->param("is_logged_in", 1);
when I originally posted this:
$self->param("message", "Please enter a valid username and password combination.")
unless $self->session->param("is_logged_in");
Oops. Perhaps I've worked too long tonight. .
To address your other guesses, when a visitor hits the site, we check for an existing session, and if they don't have one, we start a new session (regardless of whether or not they are logged in, because users of this site may or may not have an account) and hand them a cookie with their session ID. When the browser closes, the cookie expires, and when they come back, they get a new session and cookie. I'm not sure if that's good or bad, but so far, it's worked out ok.
I can see where explicitly marking someone as being not logged in would be a good thing, and I thank you for pointing that out to me. I'm tired and starting to miss stuff.
As for redirection. . . my login and logout functionality is in one module, and maintenance functions are spread out in a few different modules. These modules check to see whether someone is logged in, and if not redirects them to the login page, and stashes the URL to get back the module in the session. If the login fails, they get redirected back to the maintenance module and back to login. . . I really need to make that less hackish. .
Thanks again!
Reply to This
Parent