FiveTech Software tech support forums

[Otto]

Dear Antonio,

can you tell me please what SetCookie( "_HB_SESSION_", "", 0 ) exactly does?
How long exitst a session with 0 secs. For ever?
I use in mod Harbour for session following code:

Code: Select all  Expand view

function SessionStart() // Starts a session
    /*
       Creates the .hb_sessions directory on the temp dir if not already created, creates the session hash table and saves the session id on a cookie.
    */
    local cChars := "0123456789ABCDEF"
    local cUUID  := ""
    local cPass  := ""
    local cCookie := GetCookieByKey( "_HB_SESSION_" )
    local hStart := { => }
    local cKey, cDataDesenc, cDataEnc
    local cReturned := .F.
    local nHandle
   
    if cCookie == nil
       for n = 1 to 16
          cUUID += SubStr( cChars, hb_Random( 1, 16 ), 1 )
          cPass += SubStr( cChars, hb_Random( 1, 16 ), 1 )
       next

       if ! hb_DirExists( hb_DirTemp() + ".hb_sessions" )
          hb_DirCreate( hb_DirTemp() + ".hb_sessions" )
       endif
       
       cKey := hb_blowfishKey( cPass )
   
       cDataDesenc = hb_Serialize( hStart )
       cDataEnc = hb_blowfishEncrypt( cKey, cDataDesenc )

       if ( nHandle := FCreate( hb_DirTemp() + ".hb_sessions/" + cUUID + ".ses" ) ) > 0
          hb_MemoWrit( hb_DirTemp() + ".hb_sessions/" + cUUID + ".ses", cDataEnc )
          FClose( nHandle )
       else
          cReturned = .F.
       endif
   
       cCookie = cUUID + ":" + cPass
   
       SetCookie( "_HB_SESSION_", cCookie )
       cReturned = .T.
    endif
 
 return cReturned
 
 //-------------------------------------------------------------------------------------//

It seems to me now that SetCookie( "_HB_SESSION_", cCookie ) which uses

Code: Select all  Expand view

function SetCookie( cName, cValue, nSecs, cPath, cDomain, lHttps, lOnlyHttp )

   local cCookie := ''
   
   // check parameters
   hb_default( @cName, '' )
   hb_default( @cValue, '' )
   hb_default( @nSecs, 3600 )   // Session will expire in Seconds 60 * 60 = 3600
   hb_default( @cPath, '/' )
   hb_default( @cDomain , '' )
   hb_default( @lHttps, .F. )
   hb_default( @lOnlyHttp, .F. )   
   
   // we build the cookie
   cCookie += cName + '=' + cValue + ';'
   cCookie += 'expires=' + CookieExpires( nSecs ) + ';'
   cCookie += 'path=' + cPath + ';'
   
   if ! Empty( cDomain )
      cCookie += 'domain=' + cDomain + ';'
   endif
       
   // pending logical values for https y OnlyHttp

   // we send the cookie
   AP_HeadersOutSet( "Set-Cookie", cCookie )

return nil

//----------------------------------------------------------------//

defaults to 3600 secs.

Best regards,
Otto

[Carles]

Otto

The third parameter is the duration of the cookie. By default, it is set to 3600 sec. If you specify 0 it doesn't expire or at least it was the purpose.

I think I remember that if you didn't put the "expires=" clause in the cookie function, it didn't expire



C.

[Otto]

Hello Carles,
thank you.

I am referring to the session.prg function, specifically the sessionstart() function. The code include the following line to set the cookie:

SetCookie("HB_SESSION", cCookie)

The default duration for the cookie is 3600 seconds.

Best regards,
Otto

/*
sessions.prg - Sessions Engine for mod_harbour
(c) 2020 Lorenzo De Linares Álvarez - lorenzo.linares@icloud.com
Released under MIT Licence. Please use it giving credit to the author of the code.

This module implements sessions on mod_harbour. Sessions are used to save
data on a session hash table. The saved data on the server is encrypted by
a key that it is only stored on the client and is unique for each session.
*/

Code: Select all  Expand view

function SessionStart() // Starts a session
    /*
       Creates the .hb_sessions directory on the temp dir if not already created, creates the session hash table and saves the session id on a cookie.
    */
    local cChars := "0123456789ABCDEF"
    local cUUID  := ""
    local cPass  := ""
    local cCookie := GetCookieByKey( "_HB_SESSION_" )
    local hStart := { => }
    local cKey, cDataDesenc, cDataEnc
    local cReturned := .F.
    local nHandle
    logline('SessionStart','test')
    if cCookie == nil
       for n = 1 to 16
          cUUID += SubStr( cChars, hb_Random( 1, 16 ), 1 )
          cPass += SubStr( cChars, hb_Random( 1, 16 ), 1 )
       next

       if ! hb_DirExists( hb_DirTemp() + ".hb_sessions" )
          hb_DirCreate( hb_DirTemp() + ".hb_sessions" )
       endif
       
       cKey := hb_blowfishKey( cPass )
   
       cDataDesenc = hb_Serialize( hStart )
       cDataEnc = hb_blowfishEncrypt( cKey, cDataDesenc )

       if ( nHandle := FCreate( hb_DirTemp() + ".hb_sessions/" + cUUID + ".ses" ) ) > 0
          hb_MemoWrit( hb_DirTemp() + ".hb_sessions/" + cUUID + ".ses", cDataEnc )
          FClose( nHandle )
       else
          cReturned = .F.
       endif
   
       cCookie = cUUID + ":" + cPass
   
       SetCookie( "_HB_SESSION_", cCookie )
       logline("setcookie", '72000' )
       cReturned = .T.
    endif
 
 return cReturned
 
 //-------------------------------------------------------------------------------------//