Your skill will accomplish what the force of many cannot |
|
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
The most likely reason for this is because the expiry time set on the cookie sent to the client exceeds that set for the session in the database. This is not a major problem per se but rather a segment of your user interface and session control which needs to be approached more defensively - That is, your coding approach to this element of your user interface should anticipate the scenario where a session ID provided by a client may be no longer valid.
For example, consider the following mock-up code based on the snippet provided and some of my code that uses Apache::Session:
It may be worthwhile having a look at Essential CGI Security Practices and Securing CGI scripts - In short, code defensively and never trust anything sent from the browser.
In reply to Re: Tracking users with cookies
by rob_au
|
|