Hi, first post here. I'm enjoying getting to know rails. I have been
scratching my head trying to find a way to modify data in a session by
directly accessing CGI::Session.
I should note, using the following code, I can successfully create a new
key / value pair from the console, but not within my app. I have tried
both methods below:
def add_session_data(other_sess_id, new_data)
a =
CGI::Session::ActiveRecordStore::Session.find_by_session_id(other_sess_id)
a.data[:test] = new_data
a.save
end
def add_session_data(other_sess_id, new_data)
cgi = CGI.new("html4")
a = CGI::Session.new(cgi, 'database_manager' =>
CGI::Session::ActiveRecordStore, 'session_id' => other_sess_id)
a[:test] = new_data
a.close
end
Hi,
Rather than accessing a base methods directly, you can access some
class methods like 'process_cgi' to solve you pbm better I think. Try
http://api.rubyonrails.org/classes/ActionController/Base.html#M000523
this one and post here whether it helps you or not. I am also
interested in knowing this.
Hi,
Rather than accessing a base methods directly, you can access some
class methods like 'process_cgi' to solve you pbm better I think. Try
ActionController::Base
this one and post here whether it helps you or not. I am also
interested in knowing this.
Thanks,
Sadeesh
On Dec 15, 4:41�pm, Jeff Vogt <rails-mailing-l...@andreas-s.net>
Thanks for the reply.
I played around with process_cgi and determined it wouldn't work for
this application. Further, I went into the code for action_controller
to see how session data is saved. I went as far as writing my own
method that repeats the exact way session data is saved in Action
Controller, but no dice.
What I think is happening, is when a request is made by the client, it
grabs the current session data for a given session_id, THEN executes
application code (including updating in memory any changes to the
session data, THEN updates the database.
When we force changes to the session (by selecting sessions.data by
session_id, modifying, and saving) INSIDE of a request routine, the data
changes just fine, but is overwritten at the end of the request.
I think.
If anybody has an idea to access whatever is the temporary store for the
session when it gets changed during a request, I'd love to figure this
out.
I just realized that since the objective is to modify another user's
session data (as opposed to my own), the code I am using will work.
There's one caveat, however, and someone correct me if I'm wrong: If
the user who's session data we are changing makes a request at the exact
same time as our user who is modifying data, there's a chance that he
will overwrite our changes, and there is no easy way to detect this. Or
is this not true in a single-threaded environment?
That being said, I'm also slightly embarrassed to post the following
code, I have a feeling there's a much better way to do this. But here
goes:
@@connection ||= ActiveRecord::Base.connection
record = @@connection.select_one("SELECT * FROM sessions WHERE
session_id = '#{other_sess_id}'")
a = record['data']
b = Marshal.load(ActiveSupport::Base64.decode64(a)) #demarshal and load
session into b
b[:testdata] = 'data here'
c = ActiveSupport::Base64.encode64(Marshal.dump(b)) #marshal
@@connection.update("UPDATE sessions SET data = '#{c}' WHERE session_id
= '#{other_sess_id}'") #save to db