in reply to Problems getting session management to work: is_expired seems to lie to me
Looking at the source-code of CGI::Session using the CPAN link, we can confirm that yes, the value of is_expired() is useful only after a load() call, since it is setting several bit-flags using the (alas, “thawed” and therefore not so easily readable) database data, viz:
# checking for expiration ticker if ( $self->{_DATA}->{_SESSION_ETIME} ) { if ( ($self->{_DATA}->{_SESSION_ATIME} + $self->{_DATA}->{_SES +SION_ETIME}) <= time() ) { $self->_set_status( STATUS_EXPIRED | # <-- so client ca +n detect expired sessions STATUS_DELETED ); # <-- session shou +ld be removed from database $self->flush(); # <-- flush() will + do the actual removal! return $self; } }
flush() is visibly a very-important call, responsible for creating, updating, and removing the underlying database record.
Now, we notice that this code is acting upon information that has been saved previously in the database, in the “frozen” blob of data ... if it is there! But, as Corion probably already intuited, there is a very good chance that it isn’t.
The POD documentation says (in the second sentence of “a warning about auto-flushing,” that: Explicit flushing after key session updates is recommended. And this is precisely what I would now suggest that you do. In the } else { part, after you have created the session, set its expiration-time and two parameters, flush() now. Don’t just add a line at the end of the module and hope for the best. As soon as you have made any changes that you want to be permanently fixed in the database, flush. Do this as-needed in both the “session found“ and the “new session” cases, erring as-needed on the side of caution, and I suspect that your troubles will vanish. (And if I’m right, Corion beat me to it.)
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^2: Problems getting session management to work: is_expired seems to lie to me
by ted.byers (Monk) on May 06, 2013 at 22:40 UTC | |
by ted.byers (Monk) on May 06, 2013 at 23:42 UTC | |
by Anonymous Monk on May 06, 2013 at 23:44 UTC | |
by ted.byers (Monk) on May 06, 2013 at 23:59 UTC | |
by Anonymous Monk on May 07, 2013 at 00:04 UTC |