Explanations for why things have been done a certain way in this issue #1258764: Flag starts a session on anonymous user loads which is bad for pressflow/varnish need to be copied to the code.

Comments

joachim’s picture

joachim CreditAttribution: joachim commented

Including:

> if flags are enabled for anonymous users there is a check on every page to see if the user has created a flag. This forces session_api to create and save session data for this anonymous user. It would be better for caching systems to only create that session data once the user actually flags something.

> To solve this I added an argument in the calls to flag_get_sid(). The new argument gets passed as FALSE to session_api to prevent creating new sessions if one does not exist. Then the argument is passed as TRUE from flag functions which add flags so that the session is created when needed.

> I'm guessing that you set the default $create parameter to TRUE because you wanted to match the session_api_get_sid() function signature, but setting the $create parameter to default to FALSE in Flag module save us a lot of code changes. The default parameter should be the most common one, so I've flipped the default $create to be FALSE instead. The resulting patch is much smaller because we have fewer changes to make.