On Wed, 19 Oct 2011 12:14:00 -0700, Brion Vibber wrote: > On Tue, Oct 18, 2011 at 11:36 AM, Dan Nessett <[email protected]> > wrote: > >> From what I have read, I thought this would fire up the session garbage >> collector on each access and timeout sessions after 60 seconds. It >> appears the latter is true, since if I log in (not setting "remember >> me"), edit a page, wait 60 seconds and try once again to edit the page, >> the latter is disallowed and the resulting response shows me logged >> off. >> >> However, when I look at the sessions directory, the session created by >> my login is still there. Maybe I don't understand what the garbage >> collector does, but I assumed it would destroy the session record if >> its lifetime exceeded maxlifetime. >> >> I know this is a PHP question, not a MW question, but I was hoping >> someone might fill me in. By the way, I am running PHP 5.3.4. >> >> > Off the top of my head I'd guess this: > > * around login time, a session is started: ** ID is generated: > 123456789abcdef > ** session cookie is sent to browser > ** /path/to/sessions/123456789abcdef file is stored with the fresh data > * after a while, some other request comes in ** session GC runs, > removing the file /path/to/sessions/123456789abcdef * your first browser > reconnects, providing a session ID key in its cookie ** server sees no > session with that id, so establishes a new one ** > /path/to/sessions/123456789abcdef file is stored with the fresh data > > Possibly the request to trigger GC was also your own second request. > > -- brion
After testing, it appears moving to 1.16.5 solves the problem. Should I file a bug against 1.16.2 and mention it is fixed in 1.16.5? This might help those who run 1.16.x, x < 5 if, if they run into the same problem -- -- Dan Nessett _______________________________________________ MediaWiki-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
