Hi,
Think you're slightly confused about the way cookies work for starters. You set a cookie by sending a HTTP Set-Cookie header which may look like this:-
print "Set-cookie: name=value; path=/;\n";
You may follow it by other headers, making sure the last one has two newlines after it. So you might have:-
print "Set-cookie: name=value; path=/;\n";
print "Content-type: text/html\n\n";
These headers are then sent to the web browser with your page. The web browser looks at these cookies and then says "OK, I'll store then and send them with
future requests." Note that cookies are a browser side thing in terms of storing them - what is in %ENV is what the browser sent. So you do not see cookies until after a refresh or another script grabs them.
As for grabbing cookies, I like to have a sub like this:-
sub parseCookies {
#Parse cookie data.
my %cookies = ();
my @pairs = split(/; /, $ENV{'HTTP_COOKIE'});
foreach my $pair (@pairs) {
my ($name, $value) = split(/=/, $pair);
$cookies{$name} = $value;
}
#Return cookie hash.
return %cookies;
}
Then you can do the following in your main code:-
my %cookies = parseCookies;
Then you can access them by name, e.g.
print $cookie{'name'};
Will print the value of the cookie called "name", which in the example I gave about was literally the word "value".
Like with form data, you should consider escaping characters like < and > as well as possibly ' and even " - these can be used to do cross-site scripting attacks and SQL injection attacks. Do whatever is appropriate for your situation.
Hope this helps,
Jonathan
###
for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
(tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
/(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");
