Ticket #1688 (assigned defect)

Opened 5 years ago

Last modified 4 years ago

Session - unlinking old session file throws permission denied exception

Reported by: biggs Assigned to: demian (accepted)
Priority: normal Milestone: 2.0
Component: not categorised Severity: open
Keywords: session,unlink Cc:

Description

When regenerating the session id, SGL_Session tries to unlink the old session file. As the file was not generated by script, I get an permission denied error and the old file keeps in memory. (And so the old session is still valid for the set lifetime)

This may sometimes make sense, so perhaps an extra parameter would be a good choice. Currently SGL tries to delete it, so we could also just use the optional parameter of session_regenerate_id() to delete the old session file. (parameter added on version 5.1.0)

Patch doing this is attached. If you want to add support for database sessions, you also have to update the record in database. I am not sure, if you have plans on adding this again?!?

Attachments

SessionUpdate.patch.txt (0.9 kB) - added by biggs on 10/30/08 06:56:25.

Change History

10/30/08 06:56:25 changed by biggs

  • attachment SessionUpdate.patch.txt added.

12/10/08 15:41:12 changed by demian

  • owner changed from somebody to demian.
  • status changed from new to assigned.

this does sound like a good improvement, i'm leaving it for the 2.0 branch

02/08/10 13:10:49 changed by demian

  • milestone changed from 2.0 to 0.9.1 - polishing.

02/22/10 10:26:38 changed by demian

  • milestone changed from 0.9.1 - polishing to 2.0.