[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-modperl
Subject: Re: "faking" posts to downstream handlers?
From: Cliff Rayman <cliff () genwax ! com>
Date: 1999-08-30 19:33:56
[Download RAW message or body]
I am using Apache::Session. I save the values in the session record and
then I
retrieve them when I need them. The only thing that I store with the
cookie is the
ID of the session.
If you use a cookie to store the data, that requires that the client
return the cookie
with that data.
jsutaria2 wrote:
> i've seen earlier discussions about reading post variables, but i
> think what i'm trying to do is different. once i read the post
> variables in, they're gone. but i'm storing the values in a cookie,
> and restoring them on a later request. what i don't know is if
> it is possible to do that without any interaction from the client.
> if it is, then i'm somehow not "putting things back" correctly.
>
> i'd appreciate any suggestions you have. thanks,
>
> --jay
>
> On Mon, 30 Aug 1999, Cliff Rayman wrote:
>
> > I believe there has been discussion about this before on the mailing list. Once
> > you read the post in once, it is gone!
> >
> > You cannot read it in again with a downstream handler. Search the archives and
> > you should find a discussion to this problem and possible remedies.
> >
> > Cliff Rayman
> > genwax.com
> >
> > jsutaria2 wrote:
> >
> > > i'm attempting to implement a modified version of the Apache::Ticket*
> > > handlers described in the mod_perl book, and i'd like to make the
> > > scheme support the saving and restoration of posted variables once
> > > the user has been authenticated.
> > >
> > > i read the values of the POST variables using Apache::Request and
> > > store the values of the POST variables in cookie(s) (i'm not planning
> > > on trying to do more than 4k of data; if i do, then i suppose i can
> > > just span multiple cookies). i'm not having any problems setting the
> > > cookies.
> > >
> > > once the user has been authenticated by TicketMaster, the user is
> > > redirected to the original url, which causes the TicketAccess handler
> > > to run (it's an AccessHandler). i read the values from the cookies
> > > and attempt to "set" them before returning OK. the intention is
> > > that downstream handlers/cgi's that expect a POST can receive this
> > > data transparently. is this possible?
> > >
> > > i'm setting the Content-type header, setting the method and
> > > method_number for "POST", setting the Content-length header,
> > > and using Apache::Request to set the values. when i actually
> > > attempt to run this, the handler finishes running, and the
> > > appropriate cgi (actually, Apache::Registry) is called. but
> > > it appears that the cgi blocks on something when it tries to
> > > read the variables; i've tried this using content(),
> > > Apache::Request's param, and CGI.pm's param. is there something
> > > that i'm not doing, or is this something more fundamental (ie.
> > > is it waiting for some kind of response from the browser that's
> > > never going to come?)
> > >
> > > i've got Apache 1.3.6, mod_perl 1.21, perl 5.004, libapreq-0.31, and
> > > CGI.pm 2.54,
> > >
> > > the code for my TicketAccess handler is below. any insight would be
> > > appreciated.
> > >
> > > --jay
> > >
> > > sub handler
> > > {
> > > my $r = shift;
> > >
> > > my $ticketTool = Custom::TicketTool->new($r);
> > > my($result, $msg, $href) = $ticketTool->verify_ticket($r);
> > > my $u;
> > >
> > > my $headers_in;
> > > # get any post data that was saved on the way out
> > > my $key;
> > > my $apr;
> > > my %cookies = CGI::Cookie->parse($r->header_in('Cookie'));
> > > my %post_data;
> > > my %post_info;
> > > if (exists($cookies{'post_info'}))
> > > {
> > > %post_info = $cookies{'post_info'}->value;
> > > %post_data = $cookies{'post_data'}->value;
> > >
> > > # set all the POST variable values into request_rec
> > > $apr = new Apache::Request($r);
> > > foreach $key (keys (%post_data))
> > > {
> > > $apr->param($key, $post_data{$key});
> > > }
> > >
> > > # try setting the method to "POST"
> > > $r->method ("POST");
> > > $r->method_number (M_POST);
> > > # set the incoming content-type as application/x-www-form-urlencoded
> > > $headers_in = $r->headers_in;
> > > $headers_in->{'Content-type'} = $post_info{ContentType};
> > > $headers_in->{'Content-length'} = $post_info{ContentLength};
> > > }
> > > if (lc($r->dir_config('AuthRequired')) ne 'no')
> > > {
> > > unless ($result)
> > > {
> > > # force the user to login
> > > $r->log_reason($msg, $r->filename);
> > > my $cookie = $ticketTool->make_return_address($r);
> > > $r->err_headers_out->add('Set-Cookie' => $cookie);
> > > # some number of cookies to store POST information & data
> > > foreach $cookie ($ticketTool->make_return_args($r))
> > > {
> > > $r->err_headers_out->add('Set-Cookie' => $cookie);
> > > }
> > > return FORBIDDEN;
> > > }
> > > return OK;
> > > }
> > > else
> > > {
> > > unless ($result)
> > > {
> > > return OK;
> > > }
> > > return OK;
> > > }
> > > }
> >
> >
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic