On Fri, 2008-01-04 at 14:48 -0800, Peter Rowell wrote: > It appears that setting SESSION_SAVE_EVERY_REQUEST = True is causing a > new session to be created on each page access.
I was intending to have a quiet evening at home, but James Bennett convinced me to look at this instead. It should be fixed in [7001]. At least, one occurrence is fixed in that instance (I managed to get ever-increasing database entries and now they've stopped). The situation is a little subtle: by default, we use the same session cookie name for every Django site. You can change that. In fact, when I first saw this message, I couldn't repeat the problem because the case I tested it on had the session cookie being called something unique. Anyway, with the default name, you will sometimes be submitting a session cookie that comes from another Django site. The session id won't match anything in your database, so the subversion version of Django (with the new pluggable backends ... this shouldn't be a problem in 0.96) will save a new session to the database. However, it wasn't marking this new session as "modified", so the HTTP response wasn't sending back a set-cookie header. Thus, on the next request, you'd get the same bad session id, a *new* session entry would be created... rinse, wash, repeat. This would happen even if you weren't specifically using the session on a particular request (in fact *only* in that case -- because if you wrote to the session, it was being sent to the user each time). So [7001] makes sure the new session cookie is sent back to the user as well. Please test and see if it fixes your particular case. If not, start putting debugging prints in django/contrib/sessions/backends/db.py, particularly in the __init__ and save() methods .. and possibly in load() as well. This might give you some clues as to where the new entries are coming from. Regards, Malcolm -- Two wrongs are only the beginning. http://www.pointy-stick.com/blog/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
