Loading ...
Sorry, an error occurred while loading the content.

Re: Question regarding $Session->Abandon

Expand Messages
  • Richard Curtis
    ... Thanks for the answer. I will explain a little bit more about the problem (which I have solved). I dont think the current system needs to be improved... it
    Message 1 of 3 , Feb 25 8:07 AM
    • 0 Attachment
      >> I am having some problems with $Session->Abandon().
      >>
      >> I have the following code on a logout page :
      >> use Data::Dumper;
      >> warnd("b4",Dumper $Session);
      >> $Session->Abandon();
      >> warnd("after",Dumper $Session);
      >> $Response->Redirect("/login/login.asp");
      >>
      >> Each time I print the contents of $Session, even after I have
      >> abandoned it, I get shown the same contents.
      >> "warnd" is a logging function I use which just dumps to a file.
      >>
      >> Why, even after I have abandoned a session, is there still data in the
      >> session object ?
      >>
      >
      > $Session->Abandon makes a session timeout immediately. However,
      > the session data will exist until the session manager cleans up
      > that session, and calls Session_OnEnd on it. The effect of
      > $Session->Abandon
      > timing out a session immediately is that a web browser will get a new
      > session on the *next* web request.
      >
      > A more accurate way to do this might be to call Session_OnEnd immediately,
      > but the problem remains then what state the $Session object is in
      > after $Session->Abandon. If Session_OnEnd is called, it will be deleted.
      > Perhaps one might want a new session created immediately after
      > $Session->Abandon,
      > but the HTTP headers might have already been sent by this time, so the
      > browser would not be aware of it, so that does not seem like a good way
      > to go.

      Thanks for the answer.
      I will explain a little bit more about the problem (which I have solved).

      I dont think the current system needs to be improved... it had worked
      fine for me until I noticed a problem with my logout code.
      I only noticed the fact that the Session->Abandon didnt clear up
      immediately when debugging another issue.

      Incase any other users notice, the version of Konquerer that ships with
      Redhat 7.3 is a bit buggy. When I logged out of my APP, I would go back
      to a login page. I then logged in as a different user, but somehow, it
      thought I was the old user. I couldnt understand as I knew I had
      explicity killed off the session on logout.

      It seems to have been a Konquerer bug because when I upgraded (via Red
      Carpet) it all worked OK.
      So it appears that Konquerer had a caching issue and was reposting the
      *old* credentials from the previous login.

      Anyway, to cut a long story short, the problem is solved, and I dont
      really see any valid reason to change the implementation of
      Session->Abandon at present.

      Richard


      ---------------------------------------------------------------------
      To unsubscribe, e-mail: asp-unsubscribe@...
      For additional commands, e-mail: asp-help@...
    Your message has been successfully submitted and would be delivered to recipients shortly.