it works well. thank you.
On 9月29日, 下午9时42分, mdipierro <mdipie...@cs.depaul.edu> wrote: > If not request.function=='user': session.forget() > > will prevent saving sessions for all controller functions but the > 'user' one which handles login. > > On Sep 29, 1:56 am, hywang <why00...@163.com> wrote: > > > when some one visits my site , a new session file will be created. > > Then there is a risk : if somebody connects to my site with lots of > > robots again and again, hundreds of session files will be generated in > > seconds, deleting session files periodically has no use at all . > > > "session.forget()" prevents user login, so I can not do this. > > > How can I solve this ? > > > thank you. > >
