I found CGI::Session pretty much unusable in its current state. Maybe I just
didn't understand it. I was having lots of problems with the callback to
close the database and mod_ruby. I did grow my own:
def session(cgi, key, life=7776000)
id, = cgi.cookies[key]
if id
type = :COOKIE
cgi.instance_eval do
@output_hidden = { key => id }
end
else
id, = cgi[key]
if id
type = :PARAM
else
type = :UNKNOWN
require 'md5'
md5 = MD5::new
md5.update(String(Time::now))
md5.update(String(rand(0)))
md5.update(String($$))
id = md5.hexdigest[0,16]
end
cgi.instance_eval do
@output_hidden = { key => id }
cookie = Cookie::new({'name' => key, 'value' => [ id ],
'expires' => Time.now + life,
'secure' => false,
'path' => if ENV["PATH_INFO"] then
File::dirname(ENV["PATH_INFO"])
elsif ENV["SCRIPT_NAME"] then
File::dirname(ENV["SCRIPT_NAME"])
else
""
end})
@output_cookies = [ cookie ]
end
end
return [id, type]
end
Probably a silly way to do it, but a lot easier than trying to figure out
what CGI::Session does. :)
On Wednesday 03 January 2001 18:08, Guy N. Hurst wrote:
> The whole thing strikes me as inconsistent, yet very fixable.
> But I have seen no one else agree with me - am I the only one using this?
>
> I suppose I could always write my own sessions module (and I am on the
> verge of doing so for my applications), but I'd rather first cooperate. :-)
> I could also bypass cgi/session's lookup algorithm altogether and do my own
> lookup or creation logic and provide initialize() with the session_id
> everytime. But I really think all cgi programmers are going to need to do
> what I am doing, so why not make it easier for us? Or is there a large
> number of people who actually do not do things this way.
>
> (btw matz, in your table, you write that 'false' requires session id to be
> provided/created. But it can't be created since new_session=false.)
--
_______________________________________________________________________
Jonathan Aseltine aseltine / cs.umass.edu MAS, Umass, Amherst