Main  /  Edit  /  History  /   /  Users Area

Sessions

General

In this tutoring we would show the basics of using sessions in CppCMS --- how to store connection persistent data in stateless HTTP protocol.

Code

Our current code would be based on start with forms code.

Templates and Content

In this example we would save the information about user using session_interface object that can be accessed by session() member function of cppcms::application.

This information would be displayed to the user every time one visits the page.

First of all let's change our "content.h": Instead of showing person's sex and state we should display a prefix "Mr", "Miss" or "Mrs" according to our saved parameters.

So lets change line:

std::string name,state,sex;

to

std::string name,who;

And we would use following template:

<h1>Hello <%= who %> <%= name %></h1>
<% if (content.age != -1.0) %>
    <p>Your age is <%= age %></p>
    <h2>Change details</h2>
<% else %>
    <h2>Input your details</h2>
<% end %>
<form method="post" action="" >
<% form as_p info %>

Notes: We can inject arbitrary C++ code into conditions between two brackets () (line 2). However, now we should refer to all content class variables using content member. Templates engine would not substitute correct prefix for you, because it is native C++ code.

Saving data

Now let's rewrite out hello::main function:

First of all let's load new data from the form when it submitted to session object, instead of content. This information is preserved withing different requests:

content::message c;
if(request().request_method()=="POST") {
    c.info.load(context());
    if(c.info.validate()) {
        session()["name"]=c.info.name.value();
        session()["sex"]=c.info.sex.selected_id();
        session()["state"]=c.info.martial.selected_id();
        session().set("age",c.info.age.value());
        c.info.clear();
    }
}

Notes:

Now, our session data would be preserved between requests and we can fetch it:

Fetching Data

if(session().is_set("name")) {
    c.name=session()["name"];
    if(session()["sex"]=="m") {
        c.who="Mr";
    }
    else {
        if(session()["state"]=="s") {
            c.who="Miss";
        }
        else {
            c.who="Mrs";
        }
    }
    c.age=session().get<double>("age");
}
else {
    c.name="Visitor";
    c.age=-1;
}
render("message",c);

Notes:

Configuration --- behind the scenes

Storage Backend

CppCMS has several options to session management. In every case cookies are used --- there is no "GET" or "POST" methods for storing session information like /page/?sid=2e7f60c43b88d4b554a.

The developer has several options to save information:

We would add following lines to our CppCMS configuration file:

"session" : {
    "expire" : "renew",
    "timeout" : 604800,
    "location" : "client",
    "client" :      {
        "hmac" :        "sha1",
        "hmac_key" :    "3891bbf7f845fd4277008a63d72640fc13bb9a31"
    }    
}

Notes:

Duration Options

You can define several session duration options:

Each type of expiration has its time limit (even browser one has its limit). It can be defined using session.timeout parameter. The default one is 24 hours.

For example:

"expire" : "renew",
"timeout" : 604800,

Security Considerations

The full tutorial about sessions and security can be found here:

Make sure you read it and understand it.

Rules of thumb:


Working With Forms | Top | Basic Caching

About

CppCMS is a web development framework for performance demanding applications.

Support This Project

SourceForge.net Logo

Поддержать проект

CppCMS needs You


Navigation

Main Page



Valid CSS | Valid XHTML 1.0