perl-asp mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh Chamas <>
Subject Re: Delete Session from Another User or Program
Date Wed, 05 Nov 2003 06:34:15 GMT
Stuart Johnston wrote:
> In our application, we track failed login attempts through the Session. 
>  If a user fails to login three times, they are locked out of the sytem 
> until their Session expires.
> We ocassionally have users call and ask us to reset their session when 
> they have been locked out.  I would like to have a way for an 
> Administrative user to delete someone else's session.  This could be 
> from within the Apache::ASP application or from a seperate script.
> Has anyone implemented something like this?  Any suggestions?

When you go to expire the session, places its ID in $Application, say
in $Application->{FailedSessions} or some such.  Then you can restore
the original session via the same $Application object with this API:

It is used like:

   my $restore_session = $Application->GetSession($session_id);

Use of $Session and $Application should only be for data that you really
need to persist in this way so be careful of how much you actually choose
to store in them.

For deleting a session, there is no API for this, however, you can do
something just as good by restoring the session, and then destroying its
contents like ..

   my $restore_session = $Application->GetSession($session_id);
   %$restore_session = ();

You could also try to expire it, but I have not tried that before, but
it could certainly work at this point.  $restore_session->Abandon might
work just as well at this point.



Josh Chamas, Founder                   phone:925-552-0128
Chamas Enterprises Inc.      
NodeWorks Link Checker       

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message