On Wed, Jul 23, 2008 at 7:08 AM, Alan Dixon <
alan.g.dixon@gmail.com> wrote:
> i'm wondering if your statement:
>
> "the login event regenerates the session"
>
> is completely true.
>
> I don't believe that the php session cookie changes, and I don't see
> anywhere (or why) drupal would completely remove all $_SESSION info on
> login.
>
> I think what does happen is that Drupal's private session stuff as
> stored in the session table gets cleared out (primarily the user
> object that gets cached, i'm not sure what else), but you don't need
> to worry about that do you?
>
> Put all your pre-login stuff into $_SESSION and then it should still
> be there after login, I think.
>
> - Alan
>
> On Mon, Jul 14, 2008 at 1:37 PM, Joe Murray
> <
joe.murray@jmaconsulting.biz> wrote:
>> I have a use case where anonymous users can do a bunch of work, and then at
>> the end request to save it, which requires logging in (and possibly also
>> creating an account). The login event regenerates the session, and so far as
>> I know 5.x does not provide a hook that can be used to copy info from the
>> old session into the new so that it can be saved in a way that is associated
>> with the correct uid. I suppose such a hook so would open up lots of
>> security issues. Still, this is the second time I've confronted this sort of
>> an issue, and I don't know the correct design pattern to handle it in
>> Drupal. Comments and suggestions welcome.
>>
>>
>>
>> Cheers,
>>
>>
>>
>> Joe Murray, PhD
>>
>> President, JMA Consulting
>>
>> @ The Centre for Social Innovation
>>
>> 215 Spadina Ave, Suite 400, Toronto, Ontario, Canada M5T 2C7
>>
>> 416.466.1281, (416) 644-0116 (f)
>>
>>
joe.murray@jmaconsulting.biz
>>
>> Skype: josephpmurray
>>
>>
>
>
>
> --
> Alan Dixon, Web Developer
>
http://alan.g.dixon.googlepages.com/
>