Re: How do I prevent a session from rebuilding itself?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, 2006-07-11 at 17:27, Daevid Vincent wrote:
> I've noticed a 'feature' that seems to be causing me some pain.
> 
> When a user logs in, we store various pieces of info and their user class in
> a $_SESSION variables.
> 
> This includes a flag saying that they've ben authenticated.
> 
> I would expect that if I 'rm -rf /tmp/sess_*' that the user would get
> prompted to re-login (since the flag is not set).

Does it say someplace in the manual that you should be able to do that?
Or is this a case of what you expect is not what the rest of the world
expects? Ok, that's maybe not fair, but "rm -rf /tmp/sess_*" is
completely prone to race conditions.

> However what actually happens, is that PHP silently just re-creates the
> session with a new unique identifier but with all the same data in it. GRRR.

Are you sure that PHP is the one completely recreating the session? Do
you have some kind of "remember me" facility using a permanent cookie
that enables your scripts to recreate a session with a new identifier?
Because PHP doesn't usually do that by itself.

> How can I force this to NOT happen (either via php.ini or via some function
> or directive call in each page load)?

Try this...

    /etc/init.d/apache stop
    rm -rf /tmp/sess_*
    /etc/init.d/apache start

If that doesn't prevent recreation of the session then see the "remember
me" comment above (you may need to replace the above shutdown/startup
commands with whatever works for your OS/distro.

Cheers,
Rob.
-- 
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for       |
| creating re-usable components quickly and easily.          |
`------------------------------------------------------------'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux