Thanks, Smelly. I actually thought about that, and I almost ran with
it.
The problem with that solution is that if you're storing more than
just the username, you need to keep track of all the session variables
you set so you can delete them all before logout (or wherever else you
need to destroy the session, security breaches for example).
SessionComponent could easily be extended to handle it, overriding
write, del, and destroy functions so everything would be handled
behind the scenes.
It's definitely doable, but I wanted to be sure it was /necessary/
before I run off and spend half a day coding it up. Do PHP or CakePHP
Sessions not handle this situation natively? I would feel pretty dumb
if I didn't try and figure that out first =]
On Jun 6, 4:24 am, Smelly_Eddie <[EMAIL PROTECTED]> wrote:
> $this->Session->del('user');
> $this->Session->setFlash('You have logged out');
>
> On Jun 5, 5:03 pm,floob<[EMAIL PROTECTED]> wrote:
>
> > I may be missing some key concept about how Sessions work in general,
> > so if this problem is inevitable everywhere, do please help me learn
> > why.
>
> > The situation is, in an action such as User logout for example, I
> > would like to destroy the session, initialize a new session, and store
> > a logout message. On redirect, however, the Session doesn't have the
> > message. A new session id is generated ( new filename in app/tmp/
> > sessions ) without any of the Session varibles stored at the end of
> > logout.
>
> > I'm testing with debug = 2, Session.save = cake, Security.level =
> > high, Session.checkAgent = true
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
