删除过期会话 [英] Removing Expired Sessions
问题描述
这是我第一次发帖.我相信我已经搜索了一些其他论坛,看看我的问题是否已经被问到,但我仍然摸不着头脑.我知道有很多关于过期会话的帖子,但我想是根据特定情况考虑的.
This is my first time posting. I believe I've searched through a bit of the other forums to see if my question has already been asked, but I'm still left scratching my head. I know there's a lot of postings about expired sessions, but I'm thinking in terms of a specific scenario, I guess.
用户登录仪表板并转到一个页面.它闲置多久,然后垃圾收集器做它的事情并清除会话.
A user is logged into the Dashboard and goes to a page. It sits idle for how ever long, then the garbage collector does its thing and clears the session.
现在,如果用户返回仪表板并单击以转到另一个页面,我希望用户返回索引页面 - 有效地注销.
Now, if the user goes back to the Dashboard and clicks to go to another page, I would like to have the user return to the index page - effectively log out.
我有一个注销页面,用户可以在他们选择注销时转到该页面.我在数据库中记录一些数据,删除会话并重定向回主页.
I have a logout page that the user can go to when they choose to log out. I record some data in the database, remove the session and redirects back to the home page.
我想首先检查会话是否确实存在.如果没有,销毁它并重定向到主页.否则,删除它.
I would like to first check if the session is indeed alive. If not, destroy it and redirect to the home page. Otherwise, delete it.
但我的问题是,如果垃圾收集器已经清除了会话,我还需要销毁它吗?
But my question is, if the garbage collector had already cleared the session, do I even need to destroy it?
<?php
session_start( );
if( !isset( $_SESSION['session'] ) ) {
session_destroy( );
header( "Location: /index.php" );
}
else {
// ... log the data I need in the database ...
$_SESSION['session'] = array( );
if( ini_get( "session.use_cookies" ) ) {
$params = session_get_cookie_params( );
setcookie( session_name( ), '', time( ) - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"] );
}
session_destroy( );
header( "Location: /index.php" );
}
?>
推荐答案
session_start() 和 session_destroy() 与垃圾收集器并没有你想象的那样工作他们是.他们利用内部适配器允许 PHP 与持久层(通常是文件系统,在本例中为浏览器 cookie)对话,以提取会话信息.
session_start() and session_destroy() aren't working with the garbage collector the way you think they are. They're utilizing internal adapters to allow PHP to talk to a persistence layer (generally the filesystem, in this case, the browsers cookies), to extract session information.
当您调用 session_destroy() 时,您正在做的是指示您的会话 ADAPTER 销毁会话,而不是 PHP.PHP 垃圾会不断收集会话内存使用情况,但仍会维护对会话数据的适配器持久性的引用.
What you're doing when you call session_destroy(), is you're instructing your session ADAPTER to destroy the session, not so much PHP. PHP garbage collects the session memory usage constantly, but still maintains reference to the adapters persistence of the session data.
所以,是的,你必须调用它,除非你已经销毁了它.
So, yes, you have to call it, unless you destroyed it already.
这篇关于删除过期会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
