Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This could be a module setting per site.
I read about this idea in Barry's blog, and I looks to me nice. :)
Comment | File | Size | Author |
---|---|---|---|
#2 | persistent_login-442782.patch | 3.09 KB | markus_petrux |
Comments
Comment #1
markus_petrux CreditAttribution: markus_petrux commentedWell, here's a patch that implements this feature.
1) Adds a new module option "Persistent Logins per user limit"
2) Adds code to remove PL records beyond the specified limit per user.
3) Adds a new index to the PL table by uid and expires to optime the previous query.
I would appreciate if someone else could test it before being committed. It requires running update.php to create the new index.
Comment #2
markus_petrux CreditAttribution: markus_petrux commentedComment #3
markus_petrux CreditAttribution: markus_petrux commentedI would like to quote Barry's comment on his blog (link above) so that this issue can be self documented :)
And this is what the patch in #2 is trying to address :)
Easy in concept, but there was a tricky thing here, and that's the fact that we add a query to every page, and that needs to be as light as possible. Hence, I had to add an index to the PL table.
If there's no objection in a few days I'll go ahead and commit, so that I can focus on the other issues. :)
Comment #4
markus_petrux CreditAttribution: markus_petrux commentedCommitted to CVS
Comment #6
dragonwize CreditAttribution: dragonwize commentedLove this patch.
Besides helping keep the PL table clean it helps with security by allowing the site admin to only allow the user to be logged in on one computer at any given time.
The part I am missing though is the reason there needs to be a query run on every page. As Barry describes, the only time another record is created is when the user logs in again without having logged out but has no cookie. ie. either they cleared their cookie or they are on another computer.
So would it not be better to preform the check on login instead of on every page?
Comment #7
markus_petrux CreditAttribution: markus_petrux commentedAFAICT, the check is performed at login time, just after a PL cookie has been created. Other than that, I'm not really sure what you mean. :-|
Comment #8
dragonwize CreditAttribution: dragonwize commentedI am questioning this comment from you above:
Comment #9
markus_petrux CreditAttribution: markus_petrux commentedOh, I see. I was wrong in that comment. Who knows what I had in mind when I wrote it. The index was a good thing, anyway. :)