doubt about error handling in session library
Closed this issue · 2 comments
while scrolling through session library I observed
if ($this->inactivityTimeout() || $this->expireTimeout())
{
throw new SessionExpired("ERROR: This session has expired.");
}
at several places
now assuming that in a live web application the code written by the developer passes a session id which has been expired so is it ok to show an error message to user than to return a false value to developer so that he can do something like redirect user to login section?
It depends on how the intended functionality is used. If the framework uses it, it can easily catch the exception, but an exception is usually needed only when the function can not continue due to an EXCEPTION, so I don’t think this one qualifies.
-A
Notice: This message is digitally signed, its source and integrity are verifiable.
If you mail client does not support S/MIME verification, it will display a file (smime.p7s), which includes the X.509 certificate and the signature body. Read more at Certified E-Mail with Comodo and Thunderbird in AbiusX.com
On Oct 30, 2013, at 1:07 PM, minhaz notifications@github.com wrote:
while scrolling through session library I observed
if ($this->inactivityTimeout() || $this->expireTimeout())
{
throw new SessionExpired("ERROR: This session has expired.");
}at several places
now assuming that in a live web application the code written by the developer passes a session id which has been expired so is it ok to show an error message to user than to return a false value to developer so that he can do something like redirect user to login section?
—
Reply to this email directly or view it on GitHub.
got it... thanks!