[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Re: UU code
sergey@total-knowledge.com wrote:
> I have questions regarding cleaning sessions.
> Possible scenarios below with true/false type of comments:
>
> 1. User not logged-in, then decides to login.
>
> I don't have to open new session after successful login.
> True.
>
> ---------
>
> 2. User not logged-in, browsing a site without registration, then decides
> to register.
>
> I don't have to open new session after successful registration.
> True.
>
> -----------
>
> 3. User logged-in and tries to register
>
> I don't have to open new session after successful registration.
> False.
>
How can this happen? He is already logged in, so he must already be
registered.
> ------------
>
> 4. User logged-in and tries to login with another account
>
> I don't have to open new session after successful login.
> False.
>
Again. This can't happen. Use has to log out first.
> -------------
>
> Please comment.
>
> Also if I need to clear session what function should I use?
> In App.cpp cppserv has
> void killSession(const std::string& sid);
> void cleanSessions();
> void killAllSessions();
>
You can only use functions that are declared in include/servlet/*.h
Nothing else. You can look at that code for reference purposes only,
and even then, if there is difference between what some public function
does, and what comments to that function say it should do, then you
should just file a bug - i.e. you cannot rely on any quirks in
implementation
code, as those can and will change over time.
> It seems like HttpSessionImpl* getSession(true) doesn't start a new
> session if session already exist(or other reasons, I'm not 100% sure yet).
>
That is correct, and that is exactly how it is documented.
If you look at HttpSession function list, you'll find there is an
invalidate()
function though. If you call that, and then call getSession(true), then
you'll
get a new session.
--
Ilya A. Volynets-Evenbakh
Total Knowledge. CTO
http://www.total-knowledge.com