What happens to ci_seesion table when user logs out? |
Hi;
I use db for logins,,, I was wondering what happens to ci_seesion table when user logs out? The records still stay in ci_sessions table. Thanks (02-02-2016, 07:21 PM)behnampmdg3 Wrote: I use db for logins,,, I was wondering what happens to ci_seesion table when user logs out? IIRC, the Session library will periodically go through and clean up old sessions. This doesn't happen every time, but there is a small percent for it to happen on every page view. Or something similar. (02-02-2016, 07:21 PM)behnampmdg3 Wrote: Hi; A well-designed authentication system would call session_destroy() on logout, in which case the session in use would be deleted. Unfortunately, most devs don't do that and have a session running for all users, regardless of whether they're logged-in or not. In this case, a decent thing to do would be to call session_regenerate_id(true) on login/logout and that would at least replace the session ID when users' privileges are changed. Unfortunately, most devs don't do that either and you're left with what Lonnie said: (02-02-2016, 08:40 PM)kilishan Wrote:(02-02-2016, 07:21 PM)behnampmdg3 Wrote: I use db for logins,,, I was wondering what happens to ci_seesion table when user logs out? That chance is exactly ini_get('session.gc_probability') / ini_get('session.gc_divisor'). |
Welcome Guest, Not a member yet? Register Sign In |