开发者

Ending php sessions for debugging purposes

This might be very easy to do, but I haven't been able to figure it out.

Basically, I have a loosely couple we开发者_StackOverflowb-app written in python and php. The python code uses PHP sessions (generated from the PHP app when the user logs in) to check if the user is logged in/has permission to access the given python resource.

My question is this: What is the easiest way to force all active sessions to timeout. I would like to do this for debugging purposes, to test out the python code. I tried changing the session.max_lifetime PHP variable, but that still doesn't guarantee that the session has ended and is removed.

I tried just deleting the file, but this seems to cause problems (when i refresh the php page, errors show up in my apache logs and it won't reload quickly)

Any ideas?


Just found this on another question: cleanup php session files

You might try setting your gc_maxlifetime to a low value, like 0 or 1 (I haven't tried this, but it seems reasonable) using the ini_set() function.

http://ar.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime

Another thing to try would be deleting all the files in your session.save_path folder. This would require the proper file permissions, of course, but it might be a better option.


I know of no central way of cleanly ending all sessions for all clients.

To end all sessions, I would create a file with a defined name (e.g. end.txt) in a defined location within the app.

Your bootstrap file (or wherever you initialize your sessions) would, immediately after starting the session, check whether that file exists; if it does, do a session_destroy() and unset all cookies.

With this method, you would have to remove the end.txt file manually.


Deleting the session file on the server will not delete the sesison cookie on the client side. You can delete the session cookie which will "kill" the session. Or you can simple use session_unset() to destroy the session server side.

You might also need to use session_destroy() and also unset the session cookie (to do so look at the session_unset comments to find out how).

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜