tags:

views:

84

answers:

1
+2  Q: 

Drupal sessions table getting huge

Over the last few months, my drupal sessions table has ballooned to several GB. It seems to have started when I upgraded to drupal 5.20 (previously I thought drupal automatically cleaned out old sessions). So I created a cron job to delete sessions older than two weeks, but this takes far too long to execute (the sessions table grows by about a million rows per week). Should drupal actually be handling this, or do I just need to cut down the maximum session age until the execution time is acceptable?

Also, I thought drupal was not supposed to create a session on the first request, thus eliminating many garbage entries for crawlers. But at least a quarter of the session entries are bots.

A: 

It sounds like a bug in your code somewhere. Drupal shouldn't create a session on first request for that exact reason.

Drupal updates are only bugfixes/security fixes for Drupal 6 and lower. So I don't see why upgrading could have caused the problem.

Have you altered Drupal core in any way?

googletorp  2010-05-04 18:50:20
Drupal core has been modified in a few places, but nothing that should affect this. I did some more investigating though, and it appears that a contrib module (organic groups) was interfering with drupal's session handling. I updated the module, and that seems to have fixed it!
Brian  2010-05-04 20:09:11

related questions

What is typically the length of your optimal coding session?
What's the most current, good practice, and easiest way to use sessions in PHP?
What can cause an ASP.NET worker process to be recycled?
How do I explicitly set asp.net sessions to ONLY expire on closing the browser or explicit logou?
session variable mixup in ASP.NET?
In Classic asp, can I store a database connection in the Session object?
What are the advantages and disadvantages of the Session Façade Core J2EE Pattern?
Different values of GetHashCode for inproc and stateserver session variables
Best way for allowing subdomain session cookies using Tomcat
Is there a way to specify a different session store with Tomcat?
PHP: $_SESSION - What are the pros and cons of storing temporarily used data in the $_SESSION variable
What is the best way to handle sessions for a PHP site on multiple hosts?
How much data can/should you store in a users session object?
ASP.Net Session_Start event not firing
Logging image downloads
ASP.Net: If I have the Session ID, Can I get the Session object?
Secure session cookies in ASP.NET over HTTPS
Django Sessions
Can I put an ASP.Net session ID in a hidden form field?
Always including the user in the django template context
Rails - recovering database from Production.log
Most efficient way to get data from the database to session
What is the best way to prevent session hijacking?
FOSS ASP.Net Session Replication Solution?
How do I best detect an ASP.NET expired session?