https://stackoverflow.com/questions/17787991
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianI think you need an application-level thing to manage these reservations, rather than relying on the session itself. It's hard to 'do things' when sessions expire, and I'd argue sessions are not really designed to be depended on for this sort of functionality.
I suggest you create a separate table that holds reservation tokens. These would have an unique 'token' hash as the primary key, an 'expires' date, and possibly a optional user ID. Instead of storing Session_ID on the reservation table, you store the token instead, with the same constraint in place (so deleting the token frees up the reservation). You add an additional cron job that expires tokens - this could be as simple as executing a DELETE FROM reservation_tokens WHERE expires < NOW() query. In the session you store the token, and checking the expire time on the token will tell you whether the reservation is still valid or not.
This way your reservation expiry is no longer dependent on the session expiring. It also would allow for things like a logged in user still having the same reservation if they were to login again (before the reservation expired).
As for the administrative login, an approach I've taken in the past is to simply extend the session expiry when a user authenticates. This is pretty easy to do, just after a valid login:
// assuming $result is a Zend_Auth_Result
if ($result->isValid()) {
// extend the user's session
$lifetime = 1200;
ini_set('session.cookie_lifetime', $lifetime);
Zend_Session::rememberMe($lifetime);
}
and if you've implemented the reservation token solution, having a longer session no longer causes problems with your reservations.
