That makes indeed sense. Thanks a lot Fabien, Michael
On Oct 1, 4:43 pm, Fabien Potencier <[EMAIL PROTECTED] project.com> wrote: > Nicolas will answer you today. Short answer: we cannot remove the old > session because an Ajax request can come in before the new session has > been updated in the browser. So, you need to configure your session > garbage collector properly. > > Fabien > > -- > Fabien Potencier > Sensio CEO - symfony lead developer > sensiolabs.com | symfony-project.com | aide-de-camp.org > Tél: +33 1 40 99 80 80 > > [EMAIL PROTECTED] wrote: > > Up ... > > > Michael > > > On Sep 28, 10:40 am, "[EMAIL PROTECTED]" > > <[EMAIL PROTECTED]> wrote: > >> Please devs, > > >> i'd be pleased to hear a statement here. Because if the current > >> implementation stays, i have to write my own regenerate() method (and > >> many others), which updates the session id in the database. Again, the > >> current revision leaves a session entry in the database, after > >> creating a new one. > > >> The php function session_regenerate_id($destroy), with $destroy = true > >> (to destroy the old session), works only for "file" based > >> sessions.http://www.php.net/manual/en/function.session-regenerate-id.php#83842 > > >> There was an updateSessionId() method in one of the revisions before, > >> which handled it correctly, but it was removed again. If you ever need > >> a function for retrieving the current online users (from database > >> sessions), you will also get the old unused sessions with the current > >> symfony version (1.1, 1.2). > > >> Just a quick answer please, "It will stay" or "It will be fixed", and > >> i can deal with it. > > >> Thank you very much, > >> Michael > > >> On Sep 13, 12:15 pm, "[EMAIL PROTECTED]" > > >> <[EMAIL PROTECTED]> wrote: > >>> Hi devs, hi Nicolas, > >>> the current revisionhttp://trac.symfony-project.org/changeset/10589 > >>> does not include the updateSessionId() method anymore. This is however > >>> necessary because session_regenerate_id(TRUE) works only for file > >>> sessions. If you use databasesession, you have to update thesession > >>> id. If you don't, a newsessionis beeing inserted and the old is not > >>> deleted, anytime the authentication changes. This is bad if you'd like > >>> to query thesessiontable for active sessions ... > >>> I'm sure there must be a reason for removing this method. In case i > >>> missed it, sorry :o( But could somone explain why the oldsession > >>> should stay in the database ... ? > >>> Thanks in advance, > >>> Michael Piecko --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
