Forum OpenACS Q&A: Need Chocolate Chip Cookie Recipe

Collapse
1: Need Chocolate Chip Cookie Recipe
Posted by MaineBob OConnor on 03/12/02 05:17 PM

I want to add my own cookie values to my OpenACS 3.x system as part of the current cookie system. Particularly, I want to renew a user's cookie with "bobzval" based on visits to specific pages by users who are NOT logged on.

I can selectively set a cookie in my file if:
ad_verify_and_get_user_id
comes back with a zero with this: 

ad_set_cookie -expires never "bobzval" "$bob1,$bob2"

If it turns out that this is a user already in the system but logged out, when they DO log in, I'd want the cookie $bob1 to be replaced with the "bob1" I already have in the db.

It appears that when I use the above code on a page, there is an unintended and unwanted redirection to the /registration page.

I'd like some help here...

  • Am I on the right track trying to use part of the existing OpenACS cookie system for my own values?
  • How do I prevent redirection?
  • How do I retrieve my values without other unintended consequences?
  • Other big picture ideas on solving this problem?

Thank you
-Bob

Collapse
2: Response to Need Chocolate Chip Cookie Recipe (response to 1)
Posted by Tom Jackson on 03/12/02 05:38 PM

I think ad_get_user_id returns zero for a non logged in user. Use this: 

set user_id [ad_get_user_id]
if {[string match "0" ${user_id}]} {

  # do something
} else {
  # do something else
}
Collapse
3: Response to Need Chocolate Chip Cookie Recipe (response to 1)
Posted by Jonathan Ellis on 03/12/02 06:15 PM
I wouldn't try to use cookies to hold info for non-registered users.  Cookies can be turned off, deleted, etc.  If you want to store user info, make them register and store it in the db.
Collapse
4: Response to Need Chocolate Chip Cookie Recipe (response to 1)
Posted by Tilmann Singer on 03/12/02 06:46 PM
I wouldn't set a new cookie. As far as I know openacs3 issues a session cookie automatically if cookies are enabled on the client, also for non-registered users. You can use the ad_set_client_property and ad_get_client_property procs to associate values to the current session (see /doc/security-sessions.html on an OpenACS 3.x installation).

When a user logs in or registers the new user_id will be stored in the sec_sessions table, so the values will the be directly associated with the user when possible.