untie session; When you close a session, Apache: : Session saves it t o t he sessions t able if youve m ade changes t o it . This also m akes t he session values inaccessible, so dont close t he session unt il youre done accessing it . Apache: : Session not ices changes t o t op- level session record values, but m ight not det ect a change t o a m em ber of a value st ored by reference such as an array elem ent . I f t his is a problem , you can force Apache: : Session t o save a session when you close it by assigning any t op- level session elem ent a value. The session I D is always present in t he session hash, so it provides a convenient way t o force session saving: session{_session_id} = session{_session_id}; An open session m ay be t erm inat ed rat her t han closed. Doing so rem oves t he corresponding record from t he sessions t able, so t hat it can be used no longer: tied session-delete ;

19.2.6 A Sample Application

The follow ing script , sess_t rack.pl, is a com plet e if short im plem ent at ion of an applicat ion t hat uses a session. I t uses Apache: : Session t o keep t rack of t he num ber of request s in t he session and t he t im e of each request , updat ing and displaying t he inform at ion each t im e it is invoked. sess_t rack.pl uses a cookie nam ed PERLSESSID t o pass t he session I D. This is done wit h t he CGI .pm cookie m anagem ent int erface. [3] [3] For information about CGI.pm cookie support, use the following command and read the section describing the cookie function: usrbinperl -w sess_track.pl - session request countingtimestamping demonstration use strict; use lib qwusrlocalapachelibperl; use CGI qw:standard; use Cookbook; use Apache::Session::MySQL; my title = Perl Session Tracker; my dbh = Cookbook::connect ; connection to MySQL my sess_id = cookie PERLSESSID; session ID undef if new session my session; session hash my cookie; cookie to send to client open the session tie session, Apache::Session::MySQL, sess_id, { Handle = dbh, LockHandle = dbh }; if defined sess_id this is a new session { get new session ID, initialize session data, create cookie for client sess_id = session{_session_id}; session{count} = 0; initialize counter session{timestamp} = [ ]; initialize timestamp array cookie = cookie -name = PERLSESSID, -value = sess_id; } increment counter and add current timestamp to timestamp array ++session{count}; push {session{timestamp}}, scalar localtime time ; construct content of page body my page_body = p This session has been active for session{count} requests. . p The requests occurred at these times: . ul li session{timestamp}; if session{count} 10 close and save session { untie session; } else destroy session after 10 invocations { tied session-delete ; reset cookie to tell browser to discard session cookie cookie = cookie -name = PERLSESSID, -value = sess_id, -expires = -1d; expire yesterday } dbh-disconnect ; generate the output page print header -cookie = cookie send cookie in headers if its defined . start_html -title = title, -bgcolor = white . page_body . end_html ; exit 0; Try t he script by inst alling it in your cgi- bin direct ory and request ing it from your browser. To reinvoke it , use your browsers Reload funct ion. sess_t rack.pl opens t he session and increm ent s t he count er prior t o generat ing any page out put . This is necessary because t he client m ust be sent a cookie cont aining t he session nam e and ident ifier if t he session is new. Any cookie sent m ust be part of t he response headers, so t he page body cannot be print ed unt il aft er t he headers are sent . The script also generat es t he part of t he page body t hat uses session dat a but saves it in a variable rat her t han writ ing it im m ediat ely. The reason for t his is t hat , should t he session need t o be t erm inat ed, t he script reset s t he cookie t o be one t hat t ells t he browser t o discard t he one it has. This t oo m ust be det erm ined prior t o sending t he headers or any page count .

19.2.7 Session Expiration