Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: Re: Re: delete session using CGI::Session

by LTjake (Prior)
on Oct 08, 2003 at 19:17 UTC ( [id://297707]=note: print w/replies, xml ) Need Help??


in reply to Re: Re: delete session using CGI::Session
in thread delete session using CGI::Session

Abandoned sessions (e.g. a user session is created and the user never returns) will never be accessed again so the CGI::Session will never check to see if they have expired.

The following code can be run from the command line and will delete expired session files (and will print out the IDs that have been deleted). NOTE: I've only minimally tested this on Win2k. You might want to perform some thorough testing before deploying this in a production environment.

use strict;
use File::Find;
use CGI::Session;

use constant SESSION_DIR    => '/tmp/';

find( \&wanted, SESSION_DIR );

sub wanted {
    return unless /^cgisess_(.*)/;
    my $s = CGI::Session->new( undef, $1, { Directory => SESSION_DIR }
+ );
    $s->delete && print "$1\n" if $s->is_new;
}

[download]

The code will look through all "cgisess" files, assuming they're stored in /tmp. If the session has expired it will be auto-deleted by CGI::Session. However, CGI::Session then creates a NEW session, so we have to delete it before we exit out or we'll just create a new file to replace the one we've deleted! CAVEAT: This code modifies the ATIME on un-expired sessions.

--
"To err is human, but to really foul things up you need a computer." --Paul Ehrlich

Replies are listed 'Best First'.
Re: Re: Re: Re: delete session using CGI::Session
by shenme (Priest) on Oct 08, 2003 at 19:30 UTC
    Thanks for your code.   After seeing more than a couple files build up in my /tmp/ directory I went back to the docs and realized something.   The existing package is all about CGI and sessioning  (well, duh)  but has little for admin/debugging.   The caveat you mention is rather spooky and can't be avoided with the existing API.   It might be nice to have a 'peek' method that wouldn't affect anything to do with the 'state' of the session, such as time of last access.   (Sure wish I had some of that "free time" people keep mentioning...)
[reply]

      Right, as soon as you load up a session, the ATIME is updated.

      The only other option would be to slurp up the contents of the session file, "thaw" it (with whatever you're using as a serializer), and manually check its expiration.

      Since we're dealing with an expiration interval of only 5 minutes, the ATIME modification isn't so much of a concern. However, as the expiration interval increases, the modification of the ATIME value becomes more troublesome.

      --
      "To err is human, but to really foul things up you need a computer." --Paul Ehrlich

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://297707]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others taking refuge in the Monastery: (3)
As of 2024-04-19 22:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found