[isf-wifidog] Re: [isf-vol] Login in problems with the Network

David Vincelli micologist at gmail.com
Ven 20 Mai 13:20:10 EDT 2005


On 5/20/05, Mina Naguib <webmaster at topfx.com> wrote:
> Depending on the CGI framework, sessions could be stored on the
> server's hard disk (or database) for extra persistence.

Right. I was leaving out details.
 
> > Cookies are
> > stored client side (hd cache).
> 
> .. or memory, depending on the cookie type.  Cookies with an expiration
> date will be stored on disk, session-cookies (until the browser closes)
> are usually kept in memory only.

Again. I was stressing "persistant" cookies.

> Sessions are usually implemented as both a server-side session (with a
> session ID) and a client cookie with the same session ID.  So when a
> client re-hits the web server it supplies the cookie saying "I am
> session id XYZ" and the server can load the corresponding session data.

Some frameworks embed the session id in a get variable (creating nasty
URLs), usually as a workaround to users who refuse cookies.

> If the cookie is a session cookie (with no expiration date) then once
> the browser is closed, that server-stored session data is orphaned
> since nothing will use it.  This is our scenario (the PHPSESSID cookie
> from auth.ilesansfil.org is served without an expiration date set).

...maybe we have a reason to use cookies with expiration dates. My
hunch, uncofirmed, is that this is what some users are facing when
they have problems with our service.

> > Anyways back to the initial problem. It tried to redirect him to
> > localhost. What is that about?  Why would it ever issue such a stupid
> > redirect?
> 
> Take a quick look at the "Portal" and "Login" links at:
> http://auth.ilesansfil.org/node_list.php
> 
> They're a kludge (on that page only) to allow quick jumps to each
> hotspot's login and portal pages.

Oh ok. The server handles the request correspondingly. Maybe there's
another way of handling that particular case. I guess it's not worth
considering. I assume the kludge was used to make everything fit
together consistently (from a programmer's perspective). Maybe,
sometime someone who cares enough about it will clean it up. It seems
to work fine though.

If the problems some users were having are related to way we were
handling sessions, then we could focus our intentions on fixing that
problem.

-- 
David Vincelli


Plus d'informations sur la liste de diffusion WiFiDog