--- session_expire.module	2010-10-21 16:08:31.000000000 -0400
+++ session_expireNew.module	2010-10-21 16:41:46.000000000 -0400
@@ -4,14 +4,11 @@
 /**
  * @file
  * Expires rows from the session table older than a certain time.
- *
- * @copyright Copyright 2007 Khalid Baheyeldin http://2bits.com
  */
 
-define('SESSION_EXPIRE_INTERVAL', 'session_expire_interval');
 define('SESSION_EXPIRE_AGE',      'session_expire_age');
 define('SESSION_EXPIRE_MODE',     'session_expire_mode');
-define('SESSION_EXPIRE_LAST',     'session_expire_last');
+define('SESSION_EXPIRE_MAX_DELETIONS', 'session_expire_max_deletions');
 
 /**
  * Implementation of hook_menu().
@@ -31,21 +28,12 @@ function session_expire_menu() {
 }
 
 function session_expire_settings() {
+  $session_count = db_result(db_query('SELECT count(*) FROM {sessions}'));
   $form['session_expire_desc'] = array(
     '#type'  => 'markup',
-    '#value' => t('This module requires cron to be correctly configured and running for Drupal.'),
-  );
-
-  $interval = drupal_map_assoc(array(0, 7200, 10800, 21600, 43200, 86400, 172800, 259200, 604800), 'format_interval');
-  $interval['0'] = t('Everytime');
-  $form[SESSION_EXPIRE_INTERVAL] = array(
-    '#type'          => 'select',
-    '#title'         => t('Interval'),
-    '#default_value' => variable_get(SESSION_EXPIRE_INTERVAL, 86400),
-    '#options'       => $interval,
-    '#description'   => t('Run the cleanup at the specified interval. This tells Drupal how often to run the cleanup. On a busy site, you want that to be more frequent (e.g. every day at a minimum). You don\'t want it to be too frequent though (e.g. every hour), as it can tie up the sessions table for a long time. Cron must be configured to run more frequently than the value you chose here.')
+    '#value' => t('This module requires cron to be correctly configured and running for Drupal. You currently have !count rows in your sessions table.', array('!count' => $session_count)),
   );
-
+  
   $period = drupal_map_assoc(array(1800, 3600, 7200, 10800, 21600, 43200, 86400, 172800, 259200, 604800, 1209600, 2419200), 'format_interval');
   $period['1000000000'] = t('Never');
 
@@ -68,6 +56,16 @@ function session_expire_settings() {
     '#description'   => t('Types of sessions to discard. This option indicates whether only anonymous users, or both anonymous and authenticated users are expired. Note that if you choose authenticated users, they will be logged off and have to login again after the "age" specified above.'),
   );
 
+  $max_deletions = drupal_map_assoc(array(100, 500, 1000, 2500, 5000, 10000, 50000, 100000, 500000));
+  $max_deletions['0'] = t('Unlimited');
+  $form[SESSION_EXPIRE_MAX_DELETIONS] = array(
+    '#type'          => 'select',
+    '#title'         => t('Maximum deletions per run'),
+    '#default_value' => variable_get(SESSION_EXPIRE_MAX_DELETIONS, 1000),
+    '#options'       => $max_deletions,
+    '#description'   => t('Limit the number of sessions deleted during each invocation of the cron job by this amount. This is important if your sessions table is very large (e.g. more than 10,000 rows) because the job may run for a long time. One strategy is to use <a href="!url">Elysia Cron</a> to manage the frequency of execution of your cron jobs and set session_expire_cron to run hourly with this value set relatively low (1000 should be ok on most servers).', array('!url' => 'http://drupal.org/project/elysia_cron'))
+  );
+
   return system_settings_form($form);
 }
 
@@ -75,31 +73,38 @@ function session_expire_settings() {
  * Implementation of hook_cron().
  */
 function session_expire_cron() {
-  // Check if it is the first time this hook fires
-  $last_run_time = variable_get(SESSION_EXPIRE_LAST, 0);
-  if (!$last_run_time) {
-    // Set the time
-    variable_set(SESSION_EXPIRE_LAST, time());
-  }
+  $timestamp = time() - variable_get(SESSION_EXPIRE_AGE, 604800);
 
-  // Check if we should run, this should only be once a day
-  if (time() > $last_run_time + variable_get(SESSION_EXPIRE_INTERVAL, 86400)) {
-    $timestamp = time() - variable_get(SESSION_EXPIRE_AGE, 604800);
-
-    // Check if we should delete anonymous only or both anonymous and authenticated users
-    $extra_cond = '';
-    $mode = variable_get(SESSION_EXPIRE_MODE, 0);
-    if (!$mode) {
-      $extra_cond = 'AND uid = 0';
+  // Check if we should delete anonymous only or both anonymous and authenticated users
+  $extra_cond = '';
+  $mode = variable_get(SESSION_EXPIRE_MODE, 0);
+  if (!$mode) {
+    $extra_cond = 'AND uid = 0';
+  }
+  
+  // Delete the sessions
+  $max_deletions = (int) variable_get(SESSION_EXPIRE_MAX_DELETIONS, 1000);
+  if ($max_deletions > 0) {
+    // Restricted number of deletions
+    $affected_rows = 0;
+    $result = db_query_range("SELECT sid FROM {sessions} WHERE timestamp < %d $extra_cond", $timestamp, 0, $max_deletions);
+    while ($row = db_fetch_object($result)) {
+      db_query("DELETE FROM {sessions} WHERE sid = '%s'", $row->sid);
+      $affected_rows += 1;
     }
+  }
+  else {
+    // Unlimited deletions
+    $affected_rows = 0;
+    $result = db_query("SELECT sid FROM {sessions} WHERE timestamp < %d $extra_cond", $timestamp);
+    while ($row = db_fetch_object($result)) {
+      db_query("DELETE FROM {sessions} WHERE sid = '%s'", $row->sid);
+      $affected_rows += 1;
+    }
+  }
 
-    // Perform the deletion
-    db_query("DELETE FROM {sessions} WHERE timestamp < %d $extra_cond", $timestamp);
-
-    // Write to the watchdog
-    watchdog('cron', 'Number of sessions deleted: '. db_affected_rows());
-
-    // Set the last time we deleted
-    variable_set(SESSION_EXPIRE_LAST, time());
+  // Write to the watchdog
+  if ($affected_rows) {
+    watchdog('cron', 'Number of sessions deleted: '. $affected_rows);    
   }
 }