Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Logout all users action doesn't work with custom session handlers #15928

Closed
sergant210 opened this issue Dec 4, 2021 · 1 comment · Fixed by #16522
Closed

Logout all users action doesn't work with custom session handlers #15928

sergant210 opened this issue Dec 4, 2021 · 1 comment · Fixed by #16522
Assignees
@sergant210
Labels
bug The issue in the code or project, which should be addressed.

Comments

@sergant210
Copy link
Collaborator

Bug report

Summary

If you have specified your own session handlers, you will not be able to flush all user sessions.

Step to reproduce

  1. Create a new session handler which extends the modSessionHandler class.
  2. Specify it in the system setting "session_handler_class".
  3. Try to logout all users in the admin panel (Manage/Logout all users).

Observed behavior

flush_sessions

There are 2 problems

  1. Corresponding lexicon topic is not loaded.
  2. Sessions are not deleted.

The problem is in the very strange check. So we have got a system setting for extending the handler class, but we cannot change it.

Environment

MODX 2.x, MODX 3 Beta 2.
@sergant210 sergant210 added the bug The issue in the code or project, which should be addressed. label Dec 4, 2021
@sergant210 sergant210 self-assigned this Dec 4, 2021
@Ibochkarev
Copy link
Collaborator

Related #15510

@sergant210 sergant210 mentioned this issue Dec 7, 2021
Closed
@theboxer theboxer mentioned this issue Jan 6, 2022
Closed
@Mark-H Mark-H mentioned this issue Feb 10, 2024
Merged
opengeek pushed a commit that referenced this issue Aug 15, 2024
@Mark-H @sergant210
Fix issues extending modSessionHandler and flushing all sessions (#16522
58c4699 
)

### What does it do?

- Fixes the bugs from #15928, per #15934
- Refactored inititialization of the session handler and adopt the PHP
core SessionHandlerInterface, per #15934
- Move flushing sessions logic into the session handler to optionally
allow that to be extended, per #15957

### Why is it needed?

In two stale PRs #15928 and #15957 we have two proposals for dealing
with some bugs and extending session handlers. While trying to figure
out which one to use, I found both to have a solid approach, and wanting
to use one bit of one and another part of other PR.

This proposal replaces both those PRs as a middle ground, taking the
most benefit from both approachs.

### Breaking changes

This change includes a small breaking change in order to adopt the PHP
standard SessionHandlerInterface, namely adding parameters into the
open() method. There's not really any way around that in order to adopt
the standard.

As extending session handlers is a pretty advanced thing that I assume
not many people have done, I suggest we accept that for the sake of
getting closer to the standards, but make special note of this breaking
change in the docs for 3.1 and the announcement to make sure people
learn about it in case custom handlers need to be adjusted.

### How to test
Flush sessions

### Related issue(s)/PR(s)

Replaces #15934 and #15957
Fixes #15928

---------

Co-authored-by: sergant210 <sergant210@bk.ru>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sergant210 sergant210

Labels
bug The issue in the code or project, which should be addressed.
Projects
None yet
Milestone
No milestone
2 participants
@Ibochkarev @sergant210