World: r3wp

Actualy problem is in function read-post data - script hangs on read-io.
Why it is problem for MS IIS and how to solve them? 

read-post-data: func [
    {Reads the HTTP entity body}
    /safe "Disables evaluation of content-length header."
    /local len data tmp
] [

    len: load any [ all [safe "65536"] system/options/cgi/content-length 
    "0" ]

    data: make string! len
    tmp: make string! len
    while [ 0 < read-io system/ports/input tmp len ] [
        insert tail data tmp
        clear tmp
    ]

    data
]

is there any solution available for Rebol, which would handle sessions?

My understanding is, that sessions=cookies (or hidden form field, 
url, or combination of those ones) plus storage/invocation mechanism

there is cookies manager from Oldes somewhere, have a look around 
AltME for URL (he still ignores rebol.org, such a bad bad bad boy 
;).

cookies manager? will try to look for one :-)

yes, it's patched HTTP scheme. Does all session management automaticaly 
IIRC.

hmm, it might not be ideal for CGI, to do 20KB script with each invocation 
...

I found it via google ...

well, working with cookies is not all that difficult, is it? My friend 
just asked me - why rebol does not handle sessions, if any other 
language does. I told him to write it himself, but he probably does 
not know how. Isn't session just about getting a cookie, looking 
into your storage space for the cookie identifier (session identifier), 
loading the session data, using them, and storing them once again?

Pekr: his Cookies Daemon is client-side, not server-side, I probably 
understood you bad.

ah, yes, I wanted server-side one ...

Yes, session handling is not hard. REBOL does not have it built in 
because it was not designed to be mainly a CGI language; so you need 
to add that yourself.

how should I design my function, if I would like to have e.g. session: 
copy [] block, and later would like to append whatever rebol value 
into it? e.g. variable names using in script, objects, etc? when 
I do append session var, it stores its value .... what would be the 
best aproach?

the simplest way, which however needs write permissions to the filesystem, 
is to have a unique session id assigned to users; this id could be 
basically a file name (and you need to check for its sanity then); 
then you read from the file at the beginning, and save to it at the 
end.

eg. you could have session: load session-file at the beginning; then 
your script does whatever with session; then you save session-file 
session at the end.

temple.cgi does basically this.

yes, I know, as for files. My strategy is very simple - use cookies 
(I wonder if there is script being able to handle multiple cookies 
btw), then "start a session" = generate unique ID, store it in \sessions\ 
dir ....

I just thought about how to store and later load some rebol values, 
add new values to them .....

temple.cgi uses cookies. there is no problem in handling multiple 
cookies on the server side, and the bug with multiple cookies on 
the client side has long been fixed.

maybe a pair of word name (literal) plus value ... and then some 
little accessor function

i just let the session variable be whatever the user wants. it could 
be an object!, or a block!, or whatever.

in some cases you may just need a logic! value, in others a block 
with words and values may be best...

multiple cookies? how are they separated in http header? there are 
various scripts around, not sure all of them handle multiple cookies 
... I will investigate ...

ok, so you know you want to save variables: name last-name user-object 
some-block-here .... how do you save them, and later invoke them?

you just need to parse system/options/cgi/other-headers iirc. see 
temple.cgi, it shouldn't have problems with that. (but if you have 
session handling you only need one cookie in the end).

allowing session handling to directly set variables is a bad design, 
see the plagues that php had for this.

just have those values inside session. that could be session/last-name 
for eg

hmm, so construct an object, righ?

or a block [last-name "Santilli"]

depending on your needs :)

I was really tired by Bobik, who leaving rebol just slanders it, 
without proper deep knowledge of what session actually is. He reported 
to various other friends, that Rebol is terrible, because it is the 
only language not actually supporting sessions. Yesterday I looked 
into what "sesssions" mean in php terms, and I have to laugh - for 
me it is matter of few hours coding at max, to get it working ...

but that is overally problem of Rebol - while with other languages, 
e.g. python, he is willing to import particular library, with rebol 
he just states, that such a thing should be inside ...

while he is negative, the positive thing for me is, that his opinion 
means, he likes compact design of Rebol in fact, and regards it being 
a platform in itself :-)

As you mentioned Temple - it sleeps for last two or so years, or 
not? Is there any newer version available?

no new version. i don't think i'll have time for it.

working on R3, right? :-)

your friend Bobik didn't really have a good understanding of Rebol.

and we know that some people never get it sufficiently to be proficient 
enough

Vanilla has session support ...

rebol.org may as well.

I'm sure I read articles before on how one might do sessions server 
side.

Cheynne also has sessions ...

graham, yes many people try to use a new language like they've always 
done before... in any C derivative that works... cause basically 
you aren't doing anything differerently just writting it differently 
(java, perl, python)  but in others, you have to adapt and well... 
it doesn work!

trying to use french grammar with german words... wont work, obviously. 
 although they both have a similar male/female noun particularity.

What's the problem with sessions? I'm not using PHP native sessions, 
It's just cookies anyway, you send something which identifies it 
on the other side. If someone say, that Rebol is bad, because there 
are no sessions, must be totally crazy. You don't even use cookies, 
you can send the id as a POST/GET variable. With Rebol I have much 
more control over the process. You can make SERVER in Rebol, but 
You cannot do that in PHP. So what, everything has it's own purpose.

I know - but then some ppl would have to understand what is behind 
the sessions - and there really is not magic :-)

I've just added a script to REBOL.org that offers session support 
in a CGI environment:

http://www.rebol.org/cgi-bin/cgiwrap/rebol/view-script.r?script=acgiss.r

Documentation: http://www.rebol.org/cgi-bin/cgiwrap/rebol/documentation.r?script=acgiss.r

And, yes, Petr, it really isn'y magic......Though I hope it is debugged. 
Please let me know otherwise.

Session ID management can be very simple as this script : http://www.ladyreb.org/wiki/doku.php?id=safe-session.r

This script offer some protection against replay attack.

Thanks C. It is really easy isn't it?

The main differences between your approach and mine that I can see 
are:
1. you hold all data in one file; mine uses one file per session

2. you create just a cookie; mine creates a session record in which 
the CGI script can save data

Either way, the scripts demonstrate that the problem is really trivial 
-- with the one need to create unique and hard-to-guess session ids. 
 We've both put some serious code into doing that.

Hi. Is it possible Google does not index properly our http://www.jablunkovsko.cz
site, because links to particular subsites are burried in java-script 
menu? I created account with google, and checked my robots.txt allows 
engine to visit my site ....