Regarding CDbHttpSession

prozn7 · March 4, 2012, 1:47pm

Hello fellow Yii enthusiast!

I have a few questions regarding how CDbHttpSession works and I would like to be clarified about it.

Why do for every session, there is always an insert to the database?.. I don’t get the purpose. (I’m thinking of a per-user basis, like user_id on the sessions table so that only 1 session record will correspond to the user)
How do we extend CDbHttpSession in such a way that, if a user logs in to a different machine/browser, the previous active session will be terminated

Similar to this: Single Login Auth (I don’t get Y!!'s point here)

phtamas · March 4, 2012, 3:35pm

Probably because CDbHttpSession was designed to work as a session storage handler, not to change the way PHP sessions work.

redguy · March 4, 2012, 9:06pm

ad 1) CDbHttpSession should work like standard php session - one record for evere session (user). if you get new record for every request - check if cookie is properly generated and if your browser accept it.

ad 2) An enhaced version of CDbHttpSession which extra checks for Full Ip Address/Partial Ip Address and User Agent

prozn7 · March 5, 2012, 12:28pm

Thanks for your replies!! I have some follow-up questions:

what is ‘expires’ in the CDbHttpSession database column? … is it similar to date created or last updated?..

redguy · March 5, 2012, 12:45pm

Expires is expires… it is a timestamp (unix format) when this session data should expire. Expires = created_at + time_to_live