Sign in to follow this  
david6327

Unity C++ cgi and Sessions

Recommended Posts

<introduction> Hello, as I was stuck with a hard question, I asked my friend if he can help me tackle down the problem. He seemed to be too busy this weekend, however encouraged me to come to this website. So, I'd like to say a little hello to the community before I post my first post. </introduction> I was wondering if there is an existing library for generating session ID's for C++ based web appliations that will be stored in a cache. ( Planning to use for a shopping cart and membership support. ) Why don't I use cookies? With the visitor's information saved on the server's cache, we can collect and manipulate data. After some kind of research. Looks like I can manage sessions through the post and get methods. (URL and FORM SUBMITIONS) xxx.cgi?id=12We4dg2K9 with the ID number created with a random 10-12 digit alpha-numeric value. The only problem to this general solution is that my cgi program uses iframes, and I don't know how I can make my iframes communicate with each other without using cookies. I guess the solution for this would be to somehow send information from the main iframe window to the server in intervals. and other iframe windows will receive information from the server in runtime without refreshing the page ( something like AJAX technologies I guess.. ) and as far as security goes, i'm not sure if post and get methods of sessioning is secure, nor do I know how to make it secure. If anybody can send me to the right direction. Thank you very much! Any kind of related links will be greatly appreciated. Thanks a whole bunch once again.

Share this post


Link to post
Share on other sites
I'm not sure if there is a library for that, but I would say even if there is something, it will turn out to be part of a much bigger system. With sessioning, you will probably have to store the ID in some DB table (especially if you're planning on persisting it over several weeks). You can store the session ID in a cookie and then lookup all the other stuff you want from the DB, given that session ID.

Make sure, however, that anytime something that requires security is done (access to account settings, making a purchase, etc.), you require authentication by password (even if it's set to remember them on that computer or whatever - ALWAYS always require authentication when doing something secure).

I guess I'm kinda rambling. If your main interest is more in setting up some store and selling goods on a site you maintain (as opposed to learning the technical side of things), I would recommend you go with a commercially available solution, because this is a MUCH more difficult problem to solve than you probably imagine, and I've seen some ass-backwards systems online that I don't know why people trust. Just be careful :-).

Share this post


Link to post
Share on other sites
Currently the program can do this assuming that the cookies are set as off on the client side.
1) on the first page, if there is no unique-id set, then the program creates a unique id for the visitor.
2) there will be a &id=10-digit-unique-id (a tracker) attached to every single link.
3) however, when back is pressed all the way back to the 1st page... the id is reset, yet my computer is left with that unique id still saved in the cache. ( useless information is stored on the computer )
Can I do anything about this without cookies? I can't think of any...

But when assuming that cookies are on, once the unique-id is marked, the unique id can be used throughout the whole session even when the visitor revisits the unique-id initialization page.

Another concern is bookmarks. What do I do for bookmarks?
Let's assume that a 10-digit-unique-id is created on march 5th 2005. and this page has been bookmarked. a year later, today. Somebody has coincidently recieved the same unique id. On the same day, coincidently, the user who has bookmarked the page just happened to use the bookmark again. Then two people will be manipulating the session file, thus bringing unwanted results.
One way I have thought was to record the user's ip address in the session file so that only the person with matching ip address stored in that session-id can manipulate the new data.

[moderators, can you please relocate this post to the web development section please?]

Share this post


Link to post
Share on other sites
If you need a globally unique ID... use a guid.

Guids are 128 bits, and they really tend to be unique.

Toss the GUID through a hashing function (so people can't log into other people's sessions trivially).

One case-sensative alpha-numeric character is ~5.95 bits of data. So 22 case-sensative alpha-numeric characters can represent a guid.

And why don't you use cookies?

If you cannot modify the cache code to include the cookies the client sends to you, simply set an identical cookie and session ID in the URL. Repeatedly check in your CGI code that both the cookie and the session ID match (if they do not I'd be tempted to simply boot the user with an error message, or clear the cookie and the session ID and ask them to log in again.)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Announcements

  • Forum Statistics

    • Total Topics
      628336
    • Total Posts
      2982156
  • Similar Content

    • By Afambus
      Hello,
      I have a full experienced team that looking for a composer and another 3d designer, im expecting as much from you there are other people in this server that can help you we have a determined team, we have done many things in our game there is more information in the discord about everyone and there skills there region and about the game, if you join the discord pm asap
      https://discord.gg/b2teN3m
    • By BAG Labs
      Mobile SoS

      Platform: Android
      Genre: Board
      Link: Google Play
       
      This games sharpen memory and test your strategies to place S-O-S pattern within time limit and serve 3 difficulties as Easy, Normal, and Hard.

      Goals of the game is to put S-O-S words in patterns (Horizontal, Vertical, and Diagonal) alternately with enemy.
       
      Features:
      Single Player Multiplayer Achievements Leaderboards  
       
      Screenshot:

       

       

       
      Link: Google Play
       
      Please help us improve this game with review
    • By abarnes
      Hello!
      I am a game development student in my second year of a three year program and I would like to start building my portfolio. I was thinking of creating some games to show what I can do to potential employers since I wont have any work related experience when I graduate. But as I'm sure you all know there are tons of ways to approach developing/designing a game and I'm curious if anyone had any insight as to any "standards" that come with this? Is it okay to use game engines like Unity, Unreal, Game Maker etc? Or would it be better to make a game from scratch to better show case your skills? Any and all advice will be greatly appreciated!
    • By Hilster
      Hello 2D Artists,
      I've started making a 2D Puzzle Adventure game for mobile and I'm looking for someone who would want in on creating assets for the game. The core of the programming is pretty much complete, you can walk within the grid laid out and push boxes, when there is an object on top of a pressure pad it will activate the linked objects or if there is one object with multiple linked pressure pads it requires you to activate all points for the object to become active. 

      The level iteration for the game is quick and simple, a Photoshop file that is made of individual pixels that represents objects is put into the game and it creates the level out of those pixels with the assigned objects.
      The objects that need sprites created so far is the character, box, pressure pad, door, trap door, the walls, the stairs and the tiled background.
      I intend to add more objects so the amount I'd like to add will be extended.
      My motivations for posting here is to have something that looks nice to be able to display on my portfolio, so if you're looking for a working game that you can place your art into and improve the look of your portfolio then we're in business.
      Please reply with a few past examples of your art below and I'll be in touch!
    • By thefollower
      Hi
      I have set up my TcpClient to connect to my server and that works fine. But i am a bit confused how i read messages from the network stream with it continuously running via async, without ever closing the connection ?
      My TcpClient Manager class has:
       
      public async Task<bool> Connect(string address, int port) { try { await _tcpClient.ConnectAsync(address, port); IsConnected = true; return true; } catch(Exception e) { Debug.Log(e); return false; } } public async Task<int> Read(byte[] readBuffer) { if (!IsConnected) return -1; using (var networkStream = _tcpClient.GetStream()) { try { var bytesRead = await networkStream.ReadAsync(readBuffer, 0, readBuffer.Length); return bytesRead; } catch (Exception e) { Debug.Log(e); IsConnected = false; return -1; } } }  
      So i thought to just run a co-routine and call Read constantly to get the most recent message, but that doesn't make much sense to me since a co-routine would be blocked with the await. How is this actually done? The MS Docs don't have very good Async examples with the TcpClient class so i don't know fully get how to keep calling Read correctly.
  • Popular Now