demianturner
commented
11 years ago [demian] this does sound like a good improvement, i'm leaving it for the 2.0 branch
Open demianturner opened 11 years ago
demianturner
commented
11 years ago [demian] this does sound like a good improvement, i'm leaving it for the 2.0 branch
When regenerating the session id, SGL_Session tries to unlink the old session file. As the file was not generated by script, I get an permission denied error and the old file keeps in memory. (And so the old session is still valid for the set lifetime)
This may sometimes make sense, so perhaps an extra parameter would be a good choice. Currently SGL tries to delete it, so we could also just use the optional parameter of session_regenerate_id() to delete the old session file. (parameter added on version 5.1.0)
Patch doing this is attached. If you want to add support for database sessions, you also have to update the record in database. I am not sure, if you have plans on adding this again?!?