----- Original Message ----- From: "Chris McDonough" <chrism@zope.com> To: "Pawel Lewicki" <lewicki@provider.pl>; <zope@zope.org> Sent: Friday, July 19, 2002 5:57 AM Subject: Re: [Zope] How to touch session_data without fingerprints???
You have found a bug. :-(
What hasSessionData does is just return "not not getSessionData(create=0)" (which returns either 1 or 0 depending on whether getSessionData returns a session data object).
The problem with this is that the "create" flag doesn't mean "dont create a session data object", it means "dont assign a browser id". If the user coming in already has a browser id cookie, a session data object will nonetheless be created as a result of hasSessionData. :-(
A workaround for now is (maybe in an external method) to use the _hasSessionDataObject method of the session data manager, which takes a single parameter, "key". The key should be the user's browser id, which can be obtained by calling the getBrowserId method of the browser id manager with the parameter "create=0". If the user has no browser id, of course you can't call _hasSessionDataObject, and it's safe to assume that he has no session data object.
I'm not sure if it will help. Each simple touch of the session object results in creation of the new entry in temp_folder/session_data. I didn't realize that it happens even in my function counting its elements. :((( If anybody had any idea how to avoid I would be grateful. If not I will have to forget about sessions and program registration method (but how to check logouts by cookies expiration :( Pawel Lewicki