使用COOKIES 问题(100分)

我的CGI程序在连续CGI执行时COOK可以保存，如换为调用HTM连接，COOK内容丢失，为什么？
再议如何一次登录可以全部访问全部页面，而且断线后再接仍可访问？

listen

登录一次,设置COOKIE的有效时间,不设为页面过期时间,也就是退出网站的时间.
而HTM连接不行,可能是COOKIE设置的地址不对,用域名时,设置IP地址就会造成
COOKIE发送不到,反之亦然.

估计是有效期设成了页面关闭。

大富翁的cookie的时间全部设置成会话结束，也一样可以只登陆一次。
而且我用delphi 做的cgi也一样，我觉得截止期限设置成会话结束
既安全又可以达到目的。
至于HTM连接时COOKIE 存不上，我同意WWWSYS的观点。

这个问题我在exex上花了50分，好心痛啊


response.content := '<script>document.cookie="username=' + username + ';password=' + encodedpassword + 'expire etc........;"'</script>';
Technical Information Database

TI4523D.txt - Working with cookies

Category :Internet/WEB
Platform :All-32Bit
Product :All32Bit,

Description:
The purpose of this document is not to explain what a cookie is or what it is used for. Instead this document
assumes that you are familiar with the use of cookies and want to know how to work with them when
developing web server applications with Delphi 3.

The TWebRequest and TWebResponse objects provided in Delphi 3 both have properties which allow for
the easy use of cookies. TWebRequest has the Cookie and CookieFields properties to allow a web server
application to read the cookie header sent as part of a HTTP request. The TWebResponse object has the
Cookies property which allows a web server application to place a cookie on the client machine through the
cookie header of the HTTP response. This is usually set through the use of the SetCookieField method.

When a server responds to a HTTP request it sends a document with a header and a content section. Delphi
provides the ability to add a cookie header through the TWebResponse.Cookies property. This is best set
through the use of the SetCookieField method. The following TWebActionItem demonstrates the use of the
SetCookieField method to return a cookie to the requesting browser. This example uses localhost as the
domain. You would use this for testing and replace this string with your domain name. The third paramater is
a slash. This means that this cookie will be sent along with all requests from the browser while at this domain.
For further explainations of these paramaters see the aforementioned RFC 2109.

procedure TWebModule1.WebModule1WebActionItem1Action(Sender: TObject;
Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
MyCookies: TStringList;
begin
MyCookies := TStringList.Create;
with MyCookies do begin
Add('Name=Frank Borland');
Add('Address=100 Borland Way');
Add('Product=Delphi');
end;
with Response do begin
SetCookieField(MyCookies, 'localhost', '/', (Now + 1), False);
Content := 'Cookie planted';
end;
end;

When a request is made of the HTTP server the client browser issuing the request will package up all of the
aplicable cookie name value pairs and include them in the HTTP requests cookie header. Delphi 3 will make
these available to a web server application in two ways. The first way is as a string through the Cookie
property of the TWebRequest paramater of a TWebActionItem. It is also available as a TStrings property
called CookieFields. CookieFields is the parsed contents of the Cookie header of an HTTP request message.

The following are TWebActionItems which extract the name value pairs and return them to the client in the
form of a bare bones HTML page. The first example returns the cookie as a single string, while the second
example returns each name value pair on a seperate line.

procedure TWebModule1.WebModule1WebActionItem2Action(Sender: TObject;
Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
begin
Response.Content := '<HTML><BODY>' + Request.Cookie +
'</BODY></HTML>';
end;

procedure TWebModule1.WebModule1WebActionItem3Action(Sender: TObject;
Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
i: integer;
begin
Response.Content := '<HTML><BODY>';
for i := 0 to (Request.CookieFields.Count - 1) do
begin
Response.Content := Response.Content + '<p>' +
Request.CookieFields + '</p>';
end;
Response.Content := Response.Content + '</BODY></HTML>';
end;

//end TI

Reference:
None

4/1/99 11:45:44 AM

//////////////////////////////////////////////////////////
procedure TWebModule1.WebModule1WebActionItem1Action(Sender: TObject;
Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var cookielist : TstringList;
begin
cookielist := TStringList.Create;
try
cookielist.Add('Name1=alice');
Response.SetCookieField(cookielist,'','',-1, false);
finally
cookielist.free;
end;
Response.Content := '<html><head><meta http-eqiv="Refresh"
Content="0;URL=http://mywebsite/mydll.dll/checkcookie"></head></html>';
Handled := true;
end;

procedure TWebModule1.WebModule1WebActionItem3Action(Sender: TObject;
Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var s : string;
begin
s := '';
try
s := Request.CookieFields.Values['Name1'];
except
{silent}
end;
if Length(s) <> 0 then
Response.SendRedirect('http://mywebsite/myhtml.htm')
else
Response.Content := 'Sorry, You do not accept the cookies.';
end;
---------
Since the SetCookieFields doesn't work with SendRedirect, I display the
temperary pape. Then the temperary page will refresh in 0 second and run the
mydll.dll/checkcookies,redirect the page.
It works for IE4,5 and NS4 from PWS. It seems ASP doing the same way.
*************************
Still question:
from delphi4 help file, it says

procedure SendRedirect(const URI: string); virtual; abstract;
Description
Call SendRedirect to redirect the web client request to another URI that is the
proper target of the request. SendRedirect does the same thing as setting the
StatusCode to 301, the Location to URI, and calling SendResponse.

But I wrote the code as
Response.StatusCode:=301;
Response.Location := 'http://mywebsite/myhtml.htm';
Response.SendResponse;
---
It doens't work for me at all. I guest the help file is wrong.

用什么设置会话参数？
本人E文很差，哪位帮忙翻译一下，如果能解决问题，将分一半分，多谢

看完lss的"分一半分",觉得hubdog果然很惨....

其实，一分都不该得，我又看错题了，
回答的驴唇不对马嘴.

没有人给解试一下吗？

>>我的CGI程序在连续CGI执行时COOK可以保存，如换为调用HTM连接
没看懂,什么叫"换为调用HTM连接" ?

<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>New Page 2</title>
</head>

<body>
<pre><font face="宋体" size="2">
以下是登录窗口，输入用户名和密码，按确定执行下列事件：
procedure TWebModule1.WebModule1WebActionItem7Action(Sender: TObject;
Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
MyCookies: TStringList;
begin
Query1.SQL.Text:='Select * from users where (username='''+Request.ContentFields.Values['username']+''')';
Query1.Open;
if Query1.Eof then begin
Query1.Close;
ShowMess:='该用户不存在！';
PreMess:='"'+CgiPath.Exec+'/NewLogin"';
Response.Content:=PageMess.Content;
exit;
end;
if Query1.FieldByName('Passwd').AsString<>Request.ContentFields.Values['password'] then begin
Query1.Close;
ShowMess:='密码输入错误！';
PreMess:='"'+CgiPath.Exec+'/NewLogin"';
Response.Content:=PageMess.Content;
exit;
end;
Query1.Close;
MyCookies := TStringList.Create;
MyCookies.Add('username='+Request.ContentFields.Values['username']);
MyCookies.Add('password='+Request.ContentFields.Values['password']);
Response.Cookies.Clear;
Response.SetCookieField(MyCookies, 'localhost', '/', (Now + 1), False);//能否解释一下参数的意义及使用
MyCookies.Free;
CurrentPerson:=Request.ContentFields.Values['username'];
Response.Content:=PageMain.Content;
end;

以下是主窗口调用时的代码：
procedure TWebModule1.WebModule1WebActionItem6Action(Sender: TObject;
Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
begin
if (Request.CookieFields.Values['username']<>'') then begin//如果用户已经登录过
Query1.SQL.Text:='Select * from users where (username='''+Request.CookieFields.Values['username']+''')';
Query1.Open;
if (not Query1.Eof)and(Query1.FieldByName('password').AsString=Request.CookieFields.Values['password']) then begin
　　　//如果登录用户名和密码正确　
Query1.Close;
CurrentPerson:=Request.CookieFields.Values['username'];
Response.Content:=PageMain.Content;//调用主窗口
end else begin
Query1.Close;
Response.Content:=PageLogin.Content;//不正确调用登录窗口
end;
end else begin
Response.Content:=PageLogin.Content;//没登录过调用登录窗口
end;
end;

为什么登录一次后，关闭该IE窗口，再开一IE窗口，在地址栏调用主窗口时仍然出现登录窗口
http://localhost/test/cgi-bin/testexe.exe/main ->调用第二个过程,
->http://localhost/test/cgi-bin/testexe.exe/login 第一次登录产生登录窗口
关闭该窗口
再开一IE窗口
输入http://localhost/test/cgi-bin/testexe.exe/main仍然出现登录，如何登录一次，直到断线为止不再出现登录窗口

g622:抱歉，我的言语不当让您为hubdog抱不平，我另加200分希望大家帮忙解决，这100分先定给hubdog了，另外答案有边的都会相应
得到分，请各位大侠帮忙，感谢!!!</font><font color="#FF0000" face="宋体" size="6">＋200分</font><font face="宋体" size="2">
</font></pre>

</body>

</html>

.

Response.SetCookieField(MyCookies, 'localhost', '/', (Now + 1), False);
这句话好象有问题，
now+1好象表示cookie失效期为1秒,失效期太短了，你一关闭ie,cookie就失效了，
需要重新登陆，不如改成now+大数，或者直接设定为第二天的某个时间。

我试过了，加大数也不好使，我想有效期在本次会话，断线之前，如何做

在我的理解里面,好像根本就没有可能把Cookie的期限设置为"断线之前"?????
----谁知道你什么时候断线?

除非你始终保留一个IE窗口不要关闭(它可以帮你维持Cookie).或者干脆把
期限设置为1天.

说错话了，是本次会话，我的理解是登录一次可以访问全部页面，再开IE也可以访问
当用户下线后，重新访问本站，再出现登录窗口

如果你是要设成本次会话中有效的话，那么把now+1改成-1,
这样只要ie窗口全都关了，那么再次连接的话，就会出现登陆窗口
否则，你只能是把now+1改成MyDate:= StrToDate(DateStr)；
datestr是12：00之类的表示时间的字符串
,比如你可以设成当日24点钟前有效

我改成－1仍是不行，这在先前已经试过，不知是怎么回事，程序您已经看过，请查查
另外我想大富翁的登录机制是否还加上IP地址验证，如果IP地址不同，则重新登录，
IP地址相同，如果没登录过，则登录，登录过则不登录，是否是这样？

..