when some one visits my site , a new session file will be created. Then there is a risk : if somebody connects to my site with lots of robots again and again, hundreds of session files will be generated in seconds, deleting session files periodically has no use at all .
"session.forget()" prevents user login, so I can not do this. How can I solve this ? thank you.
