Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 777
  • Last Modified:

delete session in perl

hi all,

i am using the next code to delete the session ... my problem that i can enter the link

on the url address  after doing logout.... this mean that the session is stell a live!

use CGI::Session qw/-ip-match/;

#$sid = $cgi->cookie('CGISESSID') || $cgi->param('CGISESSID') || undef;
$sid = param('CGISESSID') || undef;
$session = new CGI::Session(undef, $sid, {Directory=>'/tmp'});

# logout and delete session
if(param('delete') eq "true"){
   $session->clear();
   $session->delete;
   $session->flush();

}


note: i am using expire timeout when creating the session:
         $session = new CGI::Session(undef, $cgi, {Directory=>'/tmp'});                
         $session->save_param($cgi);
         $session->expire(300);
         $sid = $session->id();

please help
thanks.
0
weissman
Asked:
weissman
  • 2
  • 2
2 Solutions
 
arnoldCommented:
You should make sure you have a cron job that goes through deleting session files from /tmp based on file age to deal with sessions that expired where the user did not logout.
As well as make sure not to run out of space or have the wrong data to .....

You might want to refer to
http://search.cpan.org/~sherzodr/CGI-Session-3.95/Session/Tutorial.pm#DELETING_A_SESSION
0
 
weissmanAuthor Commented:
thanks you very much...

it is strange that i need to delete these sessions manualy ! i have read the link you send  and implement te session according to it .... it is strange that they do not said anything about
cron job!

if i change the session to database or anything else should i need also the cron job or it will
done automaticly.

thanks a lot
0
 
arnoldCommented:
Yes, you would need to have a clean-up process just in case.
i.e. some users instead of loging out, close the browser.
If it is in a database, you could as part of the function to add entries, issue a delete for all expired records.  In this case though, you have to make sure that you continually adjusting the expiration every time the user accesses the data so not to delete the session.

another option if you are getting a new session ID, issue a delete to the database deleting any record with this session ID, then insert your new one.
i.e.
session=new session comes up as SDFSDOI
you would then issue a
delete from sesssion_table where session_table where sessionID='SDFSDOI'
this will mean though that your session_table would grow and include old sessions until such time that a previously issued session ID resurfaces.
The existence of old expired sessions will mean you will have more rows that you need in the database and that may impact performance as well as consume more of your space for storing this data.
0
 
weissmanAuthor Commented:
Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now