I am having some problems with $Session->Abandon().
I have the following code on a logout page : use Data::Dumper; warnd("b4",Dumper $Session); $Session->Abandon(); warnd("after",Dumper $Session); $Response->Redirect("/login/login.asp");
Each time I print the contents of $Session, even after I have abandoned it, I get shown the same contents.
"warnd" is a logging function I use which just dumps to a file.
Why, even after I have abandoned a session, is there still data in the session object ?
$Session->Abandon makes a session timeout immediately. However,
the session data will exist until the session manager cleans up
that session, and calls Session_OnEnd on it. The effect of $Session->Abandon
timing out a session immediately is that a web browser will get a new
session on the *next* web request.
A more accurate way to do this might be to call Session_OnEnd immediately,
but the problem remains then what state the $Session object is in
after $Session->Abandon. If Session_OnEnd is called, it will be deleted.
Perhaps one might want a new session created immediately after $Session->Abandon,
but the HTTP headers might have already been sent by this time, so the
browser would not be aware of it, so that does not seem like a good way to go.
Thanks for the answer. I will explain a little bit more about the problem (which I have solved).
I dont think the current system needs to be improved... it had worked fine for me until I noticed a problem with my logout code.
I only noticed the fact that the Session->Abandon didnt clear up immediately when debugging another issue.
Incase any other users notice, the version of Konquerer that ships with Redhat 7.3 is a bit buggy. When I logged out of my APP, I would go back to a login page. I then logged in as a different user, but somehow, it thought I was the old user. I couldnt understand as I knew I had explicity killed off the session on logout.
It seems to have been a Konquerer bug because when I upgraded (via Red Carpet) it all worked OK.
So it appears that Konquerer had a caching issue and was reposting the *old* credentials from the previous login.
Anyway, to cut a long story short, the problem is solved, and I dont really see any valid reason to change the implementation of Session->Abandon at present.
Richard
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
