Welcome Guest, Not a member yet? Register   Sign In
session
#1

[eluser]ronnie_nsu[/eluser]
Guys
i m working on a project where during the logout system takes care of few things..like delete some file or rows from the database..and it works fine when user uses logout button to end his session.But problem occurs when the user forgets to logout or closes the browser.. cause then he/she automatically gets logged out since session gets expired.

Do you guys know how to handle this situation?Is there any hook system/custom function call for the session expiration..or any ideas how to accomplish this??

BTW i am using cookie based session.

I would greatly appreciate any kind of help.

Thanks in Advance.

-RonniE
#2

[eluser]bretticus[/eluser]
There really is no reliable way to detect session expiration. CI cookie sessions are not truly sessions in the traditional sense. CI sessions store all the session data in a cookie. Using PHP sessions, for example, all the information is stored on the server with a cookie that has the session key to "unlock" the session data per user. (I should note that CI sessions in database mode work more like traditional sessions.)

HTTP is stateless and there is no notion of session. In fact, cookies are a session imitating "hack." Thus, there's no execution hook for statelessness. The browser requests a page, the server returns the request all at once. Smile

What you should do is setup a cron job to run a PHP/Perl/Python/Ruby/Bash script that checks to see how old the data is and if it meets a certain criteria (30 minutes since last update) then delete it (PHP session handling basically does this as garbage collection except it probably occurs when PHP is executed rather that on a timer.)
#3

[eluser]ronnie_nsu[/eluser]
[quote author="bretticus" date="1252312780"]There really is no reliable way to detect session expiration. CI cookie sessions are not truly sessions in the traditional sense. CI sessions store all the session data in a cookie. Using PHP sessions, for example, all the information is stored on the server with a cookie that has the session key to "unlock" the session data per user. (I should not that CI sessions in database mode work more like traditional sessions.)

HTTP is stateless and there is no notion of session. In fact, cookies are a session imitating "hack." Thus, there's no execution hook for statelessness. The browser requests a page, the server returns the request all at once. Smile

What you should do is setup a cron job to run a PHP/Perl/Python/Ruby/Bash script that checks to see how old the data is and if it meets a certain criteria (30 minutes since last update) then delete it (PHP session handling basically does this as garbage collection except it probably occurs when PHP is executed rather that on a timer.)[/quote]

thanks man.
#4

[eluser]kurucu[/eluser]
PHP sessions would not delete custom files or rows in the database, only session data just like CodeIgniter.

However, the solution is the same as bretticus suggested: run a cron that looks for expired sessions, and performs the cleanup for you. The problem is that you'll have to manually decode (serialise) session data and that assumes you store the userdata in the database. If you are not, then knowing which user maps to which session ID would be very difficult/impossible. It all depends on how you've keyed those files and rows in your database.
#5

[eluser]bretticus[/eluser]
[quote author="kurucu" date="1252350629"]PHP sessions would not delete custom files or rows in the database, only session data just like CodeIgniter.[/quote]

Yeah, that was meant as an example for the model, not a suggestion. Hope I didn't confuse you there. I was just trying to say that even PHP sessions have to use the model of garbage collection because of HTTP being stateless. That's why I recommended a script that is evoked from cron. The script, of course, needs to be able to run a database query just like your PHP scripts. If your database information that needs garbage collection has a timestamp of some kind then this is possible (because your query can check for records that are stale: not updated since...)

Sounds like it's not session data though that you need to clean up since you had session handling in a cookie separate from the data. However, it might not be a bad idea to incorporate that data into CI session database mode. Then CI will clean it up for you automatically.
#6

[eluser]ronnie_nsu[/eluser]
thank you guys!




Theme © iAndrew 2016 - Forum software by © MyBB