bbs.hsiao.net 交流論壇

A space to build your networks 一片讓您建立您人脈的天地
http://bbs.hsiao.net/

CGI::Session can not remove the expired sessions from DSN

http://bbs.hsiao.net/viewtopic.php?t=107

Page 1 of 1

CGI::Session can not remove the expired sessions from DSN

Posted: Wed Oct 29, 2008 7:55 pm
by cah
After numerous tries, I found out CGI:Session can not remove expired sessions from DSN.

I even looked into Session.pm and MySQL.pm.

The following code is in sub load() and flush() from Session.pm:

Code: Select all

sub load
..........

    # checking for expiration ticker
    if ( $self->{_DATA}->{_SESSION_ETIME} ) {
        if ( ($self->{_DATA}->{_SESSION_ATIME} + $self->{_DATA}->{_SESSION_ETIME}) <= time() ) {
            $self->_set_status( STATUS_EXPIRED );    # <-- so client can detect expired sessions
            $self->_set_status( STATUS_DELETED );   # <-- session should be removed from database
            $self->flush();             # <-- flush() will do the actual removal!
            return $self;
        }
    }

Code: Select all

sub flush
..........

    if ( $self->_test_status(STATUS_DELETED) ) {
        defined($driver->remove($self->id)) or return $self->set_error( "flush(): couldn't remove session data: " . $driver->errstr );
            $self->{_DATA} = {};  # <-- removing all the data, making sure
                                           # it won't be accessible after flush()
        return $self->_unset_status(STATUS_DELETED);
    }
It looks like line# 83 in MySQL.pm under CGI/Session does not work:

Code: Select all

MySQL.pm
-------------
# removes the given data and all the disk space associated with it
sub remove {
    my ($self, $sid, $options) = @_;

    my $dbh = $self->MySQL_dbh($options);
    my $lck_status = $dbh->selectrow_array(qq|SELECT GET_LOCK("$sid", 10)|);
    unless ( $lck_status == 1 ) {
        $self->error("Couldn't acquire lock on id '$sid'. Lock status; $lck_status");
        return undef;
    }

    $dbh->do(qq|DELETE FROM $TABLE_NAME WHERE id=?|, undef, $sid);  =====> #83
    $lck_status = $dbh->selectrow_array(qq|SELECT RELEASE_LOCK("$sid")|);
    unless ( $lck_status == 1 ) {
        $self->error("Couldn't release lock of '$sid'. Lock status: $lck_status");
        return undef;
    }

    return 1;
}
The following are my scripts:

Logout section works!
-----------------------

Code: Select all

if ($cgi->param('action') eq 'logout') {
  $session = CGI::Session->load("driver:MySQL", $cgi, {Handle=>$dbh}) or die CGI::Session->errstr;
  $session->delete();
# flush is needed, otherwise, it does not remove the session from DSN (MySQL)
  $session->flush();
  print $session->header(-location=>'thankyou.html');
}
When a session expires, load() returns an empty session but does not remove the session from MySQL table (sessions):

Code: Select all

$session = CGI::Session->load("driver:MySQL", $cgi, {Handle=>$dbh}) or die CGI::Session->errstr();
I tried to get a response from the author but he did not respond.
I then posted a question in CPAN forum to see if I can get a response.
All times are UTC-04:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited