Index: includes/session.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/session.inc,v retrieving revision 1.37.2.2 diff -u -6 -p -r1.37.2.2 session.inc --- includes/session.inc 26 Jul 2007 19:16:45 -0000 1.37.2.2 +++ includes/session.inc 19 Feb 2008 23:19:23 -0000 @@ -60,23 +60,27 @@ function sess_write($key, $value) { // and one isn't being created ($value), do nothing. if (!session_save_session() || (empty($_COOKIE[session_name()]) && empty($value))) { return TRUE; } $result = db_query("SELECT sid FROM {sessions} WHERE sid = '%s'", $key); + $new_session = !db_num_rows($result); - if (!db_num_rows($result)) { + if ($new_session) { // Only save session data when when the browser sends a cookie. This keeps // crawlers out of session table. This reduces memory and server load, // and gives more useful statistics. We can't eliminate anonymous session // table rows without breaking throttle module and "Who's Online" block. if ($user->uid || $value || count($_COOKIE)) { - db_query("INSERT INTO {sessions} (sid, uid, cache, hostname, session, timestamp) VALUES ('%s', %d, %d, '%s', '%s', %d)", $key, $user->uid, $user->cache, $_SERVER["REMOTE_ADDR"], $value, time()); + // If the insert fails, it is usually because another parallel server + // thread got here first. + $new_session = @db_query("INSERT INTO {sessions} (sid, uid, cache, hostname, session, timestamp) VALUES ('%s', %d, %d, '%s', '%s', %d)", $key, $user->uid, $user->cache, $_SERVER["REMOTE_ADDR"], $value, time()); } } - else { + + if (!$new_session) { db_query("UPDATE {sessions} SET uid = %d, cache = %d, hostname = '%s', session = '%s', timestamp = %d WHERE sid = '%s'", $user->uid, $user->cache, $_SERVER["REMOTE_ADDR"], $value, time(), $key); // TODO: this can be an expensive query. Perhaps only execute it every x minutes. Requires investigation into cache expiration. if ($user->uid) { db_query("UPDATE {users} SET access = %d WHERE uid = %d", time(), $user->uid); }