[ic] {Spam?} Re: long-lived sessions/carts?
Rick Bragg
lists at gmnet.net
Fri Feb 17 17:27:34 UTC 2012
On Fri, 2012-02-17 at 09:10 -0800, Grant wrote:
> I'm currently expiring sessions after 2 days:
>
> find /cat/tmp -type f -mtime +2 | xargs --no-run-if-empty rm && find
> /cat/tmp -depth -type d -empty -mtime +2 | xargs --no-run-if-empty
> rmdir && find /cat/session -type f -mtime +2 | xargs --no-run-if-empty
> rm && find /cat/session -depth -type d -empty -mtime +2 | xargs
> --no-run-if-empty rmdir
>
> Has anyone tried waiting much longer than that? Maybe 30, 60, or even
> 90 days? When I'm shopping online, I've noticed it's nice to add
> something to my cart and come back much later to find the item still
> in there without having to create an account.
>
> - Grant
>
> _______________________________________________
> interchange-users mailing list
> interchange-users at icdevgroup.org
> http://www.icdevgroup.org/mailman/listinfo/interchange-users
>
It's obviously a tradeoff with security. Personally, I don't like to
keep session open for more than a day. In some cases where I give users
the ability to edit content, I don't keep the sessions for more than a
couple hours. Maybe when they save a cart, you can send them an email
with a unique key that will expire for that longer time?
Rick
More information about the interchange-users
mailing list