Forums / Developer / Engineering: feedback about LastAccessesURI & redirects

Engineering: feedback about LastAccessesURI & redirects

Next topic

Author	Message
Bertrand Dunogier	Thursday 22 July 2010 1:42:21 am Hi developers, we are currently refactoring our session management in order to implement session-less anonymous users & move away from forced DB based sessions in order to remove this performance bottleneck. Two commonly used session variables are LastAccessesURI, and LastAccessedModifyingURI. These are set in index.php, after a module/view has correctly executed, and are used as fallback when it comes to redirecting the user after an action. Using the session for this is quite bad for several reasons (doesn't cope well with multiple browser windows, unusable for sessionless users, etc). We would like your feedback about your usage of this feature in your extensions & work, so that we figure out the best way to replace this feature, and how it should be deprecated (if deprecated at all). Bertrand Dunogier eZ Systems Engineering, Lyon http://twitter.com/bdunogier http://gplus.to/BertrandDunogier
Andrew Duck	Thursday 22 July 2010 1:47:03 am I currently use both but given the performance benefits I am open to changing this out for another method. What alternatives are you considering at the moment as a way to replace this functionality? Andrew Duck, Executive Director, Quiqcorp Limited eZ Certified Developer and Trainer. Member of the Community Project Board http://quiqcorp.com \| http://twitter.com/andrewduck
Gaetano Giunta	Thursday 22 July 2010 2:55:14 am - putting things in session is bad. for perfs, and for tabs. Putting things into cookies is better, but unless we find a way to make it cope with multiple tabs open, it basically means you have to carry that info around appending it to your urls everywhere (argh) - the best way to avoid having to stuff LastAccessesURI in every url is to add it as post var and make every view that redirects accept that parameter - that would be a huge boon in any case - please make an ini setting that allows the site owner to switch back to always-use-a-session-for-anon-users if he wants. I think we have users that like to track their site visitors in a very detailed way - or extensions that just assume that a session is always there Principal Consultant International Business Member of the Community Project Board
Bertrand Dunogier	Thursday 22 July 2010 2:59:05 am Well, there are two possible approaches: standardize a POST variable that can be used for redirections (RedirectURI is the most likely candidate) remove the need for this variable in the kernel code, so that there always is an alternative Do you think you'll be facing situations where you can't pass a variable along ? " - the best way to avoid having to stuff LastAccessesURI in every url is to add it as post var and make every view that redirects accept that parameter - that would be a huge boon in any case " Yes, of course. RedirectURI as explained above. Making it used by default everywhere is a bit more risky, but it might be possible. " - please make an ini setting that allows the site owner to switch back to always-use-a-session-for-anon-users if he wants. I think we have users that like to track their site visitors in a very detailed way - or extensions that just assume that a session is always there " Yep, we have that. We actually have one setting that forces a session for anonymous users, and another one that forces LastAccessesURI (sigh...) & LastAccessedModifyingURI for users with a session. If you enable both, the URIs will always be stored. Bertrand Dunogier eZ Systems Engineering, Lyon http://twitter.com/bdunogier http://gplus.to/BertrandDunogier
Andrew Duck	Thursday 22 July 2010 3:10:54 am Standardised POST variable sounds good to me. Andrew Duck, Executive Director, Quiqcorp Limited eZ Certified Developer and Trainer. Member of the Community Project Board http://quiqcorp.com \| http://twitter.com/andrewduck
Jérôme Vieilledent	Thursday 22 July 2010 5:33:19 am Same for me : Standardised POST variable, with a BC INI setting (disabled by default)