Posted on: 03/24/04 10:46am
By: swampfox
I'm running 1.3.9 (thanks, all!), and I'm trying to track down an annoying problem where my "Who's Online" is showing me but none of my other users.
So I started reading the code to figure out how it works, etc. And it seems that what I have here is a user whose session has expired (at least, according to the whosonline_threshold setting of 300 seconds), but the entry is never cleared out.
It's also never updated, even when that user does something, presumably because it's not being cleared out. Or some such.
What I can't figure out is why the DELETE to "Clear out any expired sessions" at line 308 of lib-common.php is restricted to WHERE uid=1 (i..e., anonymous users only). Shouldn't it clear out ALL expired sessions, so that users continuing to be active will INSERT a new session and a new start_time and show up properly in the "who's online" block?
Or, failing that, shouldn't the query for Who's Online only ignore expired sessions for anonymous users (if logged-in users aren't ever going to be expired)?
It just seems to me that there's a little disconnect between how the Who's Online block determines who's currently active, using the gl_sessions table, and how that table itself is kept up-to-date.
Can someone enlighten me?
Session expiration and Who's Online
Posted on: 03/26/04 09:36am
By: swampfox
Oh please, oh please...ANY ideas, even guesses? Anyone?
Session expiration and Who's Online
Posted on: 03/26/04 01:21pm
By: Dirk
I'm not really in the mood now to dive into the sessions code, so just these two hints: The code in lib-common.php is only there to handle pseudo-sessions for anonymous users. The actual session handling (for logged-in users) is in system/lib-sessions.php.
bye, Dirk