Further to my previous email:
My suspicion is that the bug is in RoundCube's custom session handling code. As
I poke in program/include/session.inc I note that Roundcube installs custom PHP
session handlers here:
// set custom functions for PHP session management
session_set_save_handler('sess_open', 'sess_close', 'sess_read',
'sess_write','sess_destroy', 'sess_gc');
Specifically, my suspicion is that the sess_gc() function is deleting sessions
incorrectly (ie. prematurely).
QUESTIONS:
1. Why the custom session handling code? Was it for scaling with multiple
servers? If I has only one server (a simple environment), what does storing the
sessions in a database accomplish?
2. If I disabled the garbage collection code (sess_gc) and allowed the stale
sessions to collect rather than have them deleted, what would the impact of
that be other than disk space in the database? I might manually hoof them all
once a week.
3. If the answer to the final part of #1 is "not a lot", what would happen if I
did not install the custom session handlers and just let PHP's own code do it?
I might be all wet and not understanding at all what the code is supposed to
do. If so, please forgive me. However, I have users who really want to use
RoundCube but the session expiry bug is killing them. I need a tactical
solution until the real issue is addressed.
Thanks!
..Bruce
On Mon, 4 Sep 2006 10:05:35 -0400, "Mr. B. Vrieling" <[EMAIL PROTECTED]> wrote:
> Hello,
>
> On Thu, 31 Aug 2006 11:48:36 -0300 (ART), Martin Marques
> <[email protected]> wrote:
>> My problem is not when composing, but when reading the message list.
>>
>> BTW, setting ip_check to false didn't fix anything.
>>
>> Another thing. This happens when I execute lots of actions, like hitting
>> the delete botton lots of times.
>
> I can confirm that after setting my session lifetime to 30 and setting
> IP_CHECK to FALSE, the problem has not been fixed. My sessions continue to
> expire at odd times, most annoyingly during message creation and sending.
> (I don't have caching enabled, and this is on an uptodate FC5 server
> running 0.1beta2.)
>
> Is there an easy way to just turn session expiring OFF entirely? Hoofing
> that functionality is better than the current situation.
>
> Thanks.
>
> ..Bruce
