eZ Community » Forums » Developer » Engineering: feedback about...
expandshrink

Engineering: feedback about LastAccessesURI & redirects

Engineering: feedback about LastAccessesURI & redirects

Thursday 22 July 2010 10:42:21 am - 5 replies

Hi developers,

we are currently refactoring our session management in order to implement session-less anonymous users & move away from forced DB based sessions in order to remove this performance bottleneck.

Two commonly used session variables are LastAccessesURI, and LastAccessedModifyingURI. These are set in index.php, after a module/view has correctly executed, and are used as fallback when it comes to redirecting the user after an action.

Using the session for this is quite bad for several reasons (doesn't cope well with multiple browser windows, unusable for sessionless users, etc).

We would like your feedback about your usage of this feature in your extensions & work, so that we figure out the best way to replace this feature, and how it should be deprecated (if deprecated at all).

Thursday 22 July 2010 10:47:03 am

I currently use both but given the performance benefits I am open to changing this out for another method.

What alternatives are you considering at the moment as a way to replace this functionality?

Thursday 22 July 2010 11:55:14 am

- putting things in session is bad. for perfs, and for tabs. Putting things into cookies is better, but unless we find a way to make it cope with multiple tabs open, it basically means you have to carry that info around appending it to your urls everywhere (argh)

- the best way to avoid having to stuff LastAccessesURI in every url is to add it as post var and make every view that redirects accept that parameter - that would be a huge boon in any case

- please make an ini setting that allows the site owner to switch back to always-use-a-session-for-anon-users if he wants. I think we have users that like to track their site visitors in a very detailed way - or extensions that just assume that a session is always there

Thursday 22 July 2010 11:59:05 am

Well, there are two possible approaches:

  • standardize a POST variable that can be used for redirections (RedirectURI is the most likely candidate)
  • remove the need for this variable in the kernel code, so that there always is an alternative

Do you think you'll be facing situations where you can't pass a variable along ?

- the best way to avoid having to stuff LastAccessesURI in every url is to add it as post var and make every view that redirects accept that parameter - that would be a huge boon in any case

Yes, of course. RedirectURI as explained above. Making it used by default everywhere is a bit more risky, but it might be possible.

- please make an ini setting that allows the site owner to switch back to always-use-a-session-for-anon-users if he wants. I think we have users that like to track their site visitors in a very detailed way - or extensions that just assume that a session is always there

Yep, we have that. We actually have one setting that forces a session for anonymous users, and another one that forces LastAccessesURI (sigh...) & LastAccessedModifyingURI for users with a session. If you enable both, the URIs will always be stored.

Modified on Thursday 22 July 2010 12:02:27 pm by Bertrand Dunogier

Thursday 22 July 2010 12:10:54 pm

Standardised POST variable sounds good to me.

Thursday 22 July 2010 2:33:19 pm

Same for me : Standardised POST variable, with a BC INI setting (disabled by default)

expandshrink

You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from