[Typo3-dev] logout doesn't kill fe session?

Christian Jul Jensen christian at jul.net
Wed May 12 17:26:23 CEST 2004


"Martin T. Kutschker" <Martin.no5pam.Kutschker at blackbox.n0spam.net> writes:


> I still wonder why the session records hang around.

As far as I remember this is the case:

in t3lib_userauth (which feuserauth is inherited from) there's a
function called logoff, whic actually deletes the session in the
session_table. The problem is if people does not logout, then the
entry is left in the table, but their seesion cookie is killed by the
browser.

Then you also have a function called gc, garbagecollector that tries
to randomly delete some of the entries.

If the entry is not deleted when you log out, that is a bug. But you
cannot know when people are gone if they don't log out.

--
Julle




More information about the TYPO3-dev mailing list