You are viewing a plain text version of this content. The canonical link for it is here.

Posted to zeta-dev@incubator.apache.org by james pic <ja...@gmail.com> on 2011/06/15 12:11:33 UTC

[zeta-dev] Re: Review Request: Session timeout

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/783/#review844
-----------------------------------------------------------



trunk/Authentication/src/session/authentication_session.php
<https://reviews.apache.org/r/783/#comment1827>

    why not use a local variable for that ? would it make the code more readable and easier to debug ?


- james


On 2011-05-25 08:23:39, Jérôme Renard wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/783/
> -----------------------------------------------------------
> 
> (Updated 2011-05-25 08:23:39)
> 
> 
> Review request for zetacomponents.
> 
> 
> Summary
> -------
> 
> Added a new ezcAuthenticationSessionOptions::idleTimeOut option to handle user's inactivity.
> 
> 
> This addresses bug ZETACOMP-81.
>     https://issues.apache.org/jira/browse/ZETACOMP-81
> 
> 
> Diffs
> -----
> 
>   trunk/Authentication/src/options/session_options.php 1125639 
>   trunk/Authentication/src/session/authentication_session.php 1125639 
>   trunk/Authentication/tests/session/session_test.php 1125639 
> 
> Diff: https://reviews.apache.org/r/783/diff
> 
> 
> Testing
> -------
> 
> Added two new unit tests :
> - ezcAuthenticationSessionTest::testSessionIsValidIdleTimeout()
> - ezcAuthenticationSessionTest::testSessionIsValidIdleTimeoutExpired()
> 
> php ./UnitTest/src/runtests.php --filter=ezcAuthenticationSessionTest --verbose Authentication
> PHPUnit 3.5.10 by Sebastian Bergmann.
> 
> Zeta Components:                        
> 
>   Authentication:                       
>     ezcAuthenticationGeneralTest:       
>     ezcAuthenticationSessionTest:       ............
> [...]
> 
> 
> Thanks,
> 
> Jérôme
> 
>

[zeta-dev] Re: Review Request: Session timeout

Posted by Jerome Renard <je...@gmail.com>.

Hi James,

2011/6/16 James Pic <ja...@gmail.com>:
> I was thinking of:
> $lastActivity = time() - $_SESSION[$this->options->lastActivityTimestampKey]
> if ( isset( $_SESSION[$this->options->lastActivityTimestampKey] ) &&
> $lastActivity >= $this->options->idleTimeout )
> What do you think ?
>

Then we would forced to do this :

$lastTimestampKey = false;
if ( isset( $_SESSION[$this->options->lastActivityTimestampKey] )
{
    $lastTimestampKey = $_SESSION[$this->options->lastActivityTimestampKey];
    $lastActivity = $now - $_SESSION[$this->options->lastActivityTimestampKey];
}

if ( $lastTimestampKey && $lastActivity >= $this->options->idleTimeout )
{
    $this->destroy();
    $this->regenerateId();
    return self::STATUS_EXPIRED;
}

I am not sure it is more readable, what do you think ?

Have a nice day :)

-- 
Jérôme Renard
http://39web.fr | http://jrenard.info | http://twitter.com/jeromerenard

[zeta-dev] Re: Review Request: Session timeout

Posted by James Pic <ja...@gmail.com>.

I was thinking of:

$lastActivity = time() - $_SESSION[$this->options->lastActivityTimestampKey]

if ( isset( $_SESSION[$this->options->lastActivityTimestampKey] ) &&
$lastActivity >= $this->options->idleTimeout )

What do you think ?

[zeta-dev] Re: Review Request: Session timeout

Posted by Jérôme Renard <je...@gmail.com>.


> On 2011-06-15 12:11:33, james pic wrote:
> > trunk/Authentication/src/session/authentication_session.php, line 136
> > <https://reviews.apache.org/r/783/diff/1/?file=19578#file19578line136>
> >
> >     why not use a local variable for that ? would it make the code more readable and easier to debug ?

A local variable for time() ? If yes, then you are right, I will fix this.


- Jérôme


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/783/#review844
-----------------------------------------------------------


On 2011-05-25 08:23:39, Jérôme Renard wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/783/
> -----------------------------------------------------------
> 
> (Updated 2011-05-25 08:23:39)
> 
> 
> Review request for zetacomponents.
> 
> 
> Summary
> -------
> 
> Added a new ezcAuthenticationSessionOptions::idleTimeOut option to handle user's inactivity.
> 
> 
> This addresses bug ZETACOMP-81.
>     https://issues.apache.org/jira/browse/ZETACOMP-81
> 
> 
> Diffs
> -----
> 
>   trunk/Authentication/src/options/session_options.php 1125639 
>   trunk/Authentication/src/session/authentication_session.php 1125639 
>   trunk/Authentication/tests/session/session_test.php 1125639 
> 
> Diff: https://reviews.apache.org/r/783/diff
> 
> 
> Testing
> -------
> 
> Added two new unit tests :
> - ezcAuthenticationSessionTest::testSessionIsValidIdleTimeout()
> - ezcAuthenticationSessionTest::testSessionIsValidIdleTimeoutExpired()
> 
> php ./UnitTest/src/runtests.php --filter=ezcAuthenticationSessionTest --verbose Authentication
> PHPUnit 3.5.10 by Sebastian Bergmann.
> 
> Zeta Components:                        
> 
>   Authentication:                       
>     ezcAuthenticationGeneralTest:       
>     ezcAuthenticationSessionTest:       ............
> [...]
> 
> 
> Thanks,
> 
> Jérôme
> 
>