如何让 CGI::Session 在一定时间间隔后过期?
看起来 CGI::Session expire() 函数仅在用户空闲指定时间间隔后才过期。我假设空闲意味着用户没有刷新页面或访问任何其他页面。
虽然我看到您可以通过使用 delete() 强制会话过期,但我没有看到一种自动强制会话过期的方法,无论使用是否空闲。
也许这不是理想的用户体验,但为了理解,有没有一种方法可以做到这一点,而无需跟踪时间间隔或使用任何其他库?
另外,如果会话在过期时返回一个新会话,那么 CGI::Session::is_expired 的意义何在?至少我的脚本似乎无法达到过期状态
sub build_sss{
my($this) = shift;
$cgi = $this->cgi_obj();
my $sid = $this->sid();
my $sss = CGI::Session->load(undef, $cgi, {Directory=>'tmp'}) or die CGI::Session->errstr();
#check expired session
if ( $sss->is_expired() ) {
my $expired_url = $ENV{'SCRIPT_URI'}.'?expired='.$sid;
$this->session_status("SESSION_EXPIRED");
print $cgi->redirect($expired_url); #when expired param is set shows a msg
}
#check if empty create new
if ( $sss->is_empty() ) {
$sss = $sss->new() or $sss->errstr;
$this->session_status("SESSION_NEW");
$sss->expire('30s');
$sss->expire(_TEST_SUB_SESSION => '15s');
}
return $sss;
}
It seems like CGI::Session expire() function only expires after a user is idle for a specified interval. I'm assuming by idle they mean a user hasnt refreshed the page or accessed any others.
While I see that you can force the session to expire by using delete(), what I dont see is a way to automatically force the session to expire whether the use has been idle or not.
Maybe this is not a desired user experience, but for sake of understanding is there a way to do this without having to track the time interval or using any additional libraries?
Also what is the point of CGI::Session::is_expired if session returns a new one when it expires anyway? At least it seems I can't get to an expired state with my script
sub build_sss{
my($this) = shift;
$cgi = $this->cgi_obj();
my $sid = $this->sid();
my $sss = CGI::Session->load(undef, $cgi, {Directory=>'tmp'}) or die CGI::Session->errstr();
#check expired session
if ( $sss->is_expired() ) {
my $expired_url = $ENV{'SCRIPT_URI'}.'?expired='.$sid;
$this->session_status("SESSION_EXPIRED");
print $cgi->redirect($expired_url); #when expired param is set shows a msg
}
#check if empty create new
if ( $sss->is_empty() ) {
$sss = $sss->new() or $sss->errstr;
$this->session_status("SESSION_NEW");
$sss->expire('30s');
$sss->expire(_TEST_SUB_SESSION => '15s');
}
return $sss;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
更新: 所以,是的,如果您希望会话根据创建时间过期,则必须对 CGI::Session 进行子类化
1) 确保您拥有最新版本的 CGI::Session
2)阅读CGI::Session::教程
3)编写程序来证明您的主张,例如CGI::Session expire demo
update: so yeah, if you want a session to expire based on creation time, you have to subclass CGI::Session
1) make sure you have latest version of CGI::Session
2) read CGI::Session::Tutorial
3) write programs that prove your claims, like this CGI::Session expire demo
从文档中:
“is_empty() - 对于空的会话返回 true。这是测试请求的会话是否已成功加载的首选方法”
我不明白您如何尝试在会话过期的情况下使会话过期空的?
您的意思也许是:
From the documentation:
"is_empty() - Returns true for sessions that are empty. It's preferred way of testing whether requested session was loaded successfully or not"
I don't understand how you are trying to expire a session on the condition that it is empty?
Did you perhaps mean: