[aur-dev] aur session handling
I never realized that the session storage for the aur is using a custom method, and storing the data in a mysql table. I 'noticed' that there were almost a million rows in the aur session table, from back to early 2005. I deleted all sessions that were older than 3 months, and optimized the table. Perhaps the aur code could: 1) use php sessions 2) provide a cleanup script to purge old sessions after some interval. Thanks.
On Tue, 11 Mar 2008 21:12:39 -0700 eliott <eliott@cactuswax.net> wrote:
I never realized that the session storage for the aur is using a custom method, and storing the data in a mysql table.
Perhaps the aur code could: 1) use php sessions 2) provide a cleanup script to purge old sessions after some interval.
Yeah I patched (0b9283) a bug back in September that was needlessly creating Session IDs. Who knows how long AUR was running that bug. Luckily that's a table that you can purge without major side effects. The table will still have stale entries though if you lost your cookie and have to log in again. We could have a function that runs each time the user logs in that clears SIDs linked to that user older than $LOGIN_TIMEOUT (web/lib/config.inc). We'd just want to increase $LOGIN_TIMEOUT to 24 or 48 hrs rather than just 2 hrs. I recently heard of php sessions. I thought that it might be something to look into as well.
participants (2)
-
eliott
-
Loui