Closed Bug 421055 Opened 13 years ago Closed 13 years ago

disable session auto start in CakePHP 1.19

Categories

(addons.mozilla.org Graveyard :: Public Pages, defect)

defect
Not set
blocker

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: morgamic, Assigned: clouserw)

References

Details

Attachments

(2 files)

Cake is starting sessions on every request, causing the cake_sessions table to spiral out of control then lock up when garbage collection is invoked.

This is why we rolled back the latest update on the 3.1 branch in bug 420350.  This blocks that update.
Assignee: nobody → morgamic
Status: NEW → ASSIGNED
Assignee: morgamic → clouserw
Status: ASSIGNED → NEW
Wil has been workin on it.
Status: NEW → ASSIGNED
Attached patch fix sessionsSplinter Review
Cake is bypassing the constructors and calling startUp() on all it's components.  That means our little cookie check didn't work anymore.  I added the check to the __start() function as well as fixed up some other code.  The code is commented, so I won't go over it all again here.
Attachment #307434 - Flags: review?
Comment on attachment 307434 [details] [diff] [review]
fix sessions

Looks good and works for me.
Attachment #307434 - Flags: review? → review+
r10970
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
We should merge this onto 3.1 in the AM.
(In reply to comment #5)
> We should merge this onto 3.1 in the AM.
> 

Ok, patch is on 3.1, r11010.  Is there a stage for 3.1, or can someone test it?
Attached patch fix cookie pathsSplinter Review
We had some complaints about people having to clear cookies before being able to log in.  I did some more investigation and ran across another fix.

When we start sessions manually we were starting them with a path of '/', but when we asked Cake to destroy the session it was trying to destroy a cookie with (possibly) another path.  That means the cookies wouldn't go away, but the sessions would, so the cookie existed but the session didn't.

The Session component is a special case in Cake and gets manually tweaked with the components are loading.  I stole the code that figures out the base path when the components are loading and stuck it in when we manually start a session so the paths should be equivalent.
Attachment #307833 - Flags: review?(morgamic)
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
(In reply to comment #7)
> Created an attachment (id=307833) [details]
> fix cookie paths
> 
> We had some complaints about people having to clear cookies before being able
> to log in.  I did some more investigation and ran across another fix.
> 
> When we start sessions manually we were starting them with a path of '/', but
> when we asked Cake to destroy the session it was trying to destroy a cookie
> with (possibly) another path.  That means the cookies wouldn't go away, but the
> sessions would, so the cookie existed but the session didn't.
> 
> The Session component is a special case in Cake and gets manually tweaked with
> the components are loading.  I stole the code that figures out the base path
> when the components are loading and stuck it in when we manually start a
> session so the paths should be equivalent.

I filed this separately as bug 421223...
Blocks: 421223
Comment on attachment 307833 [details] [diff] [review]
fix cookie paths

Works for me with old cookies.
Attachment #307833 - Flags: review?(morgamic) → review+
Thanks Mike.  r11051
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
This was pushed 3/6, 8pm.
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.