https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39435 --- Comment #23 from David Cook <dcook@prosentient.com.au> --- (In reply to Marcel de Rooy from comment #11)
(In reply to David Cook from comment #10)
I don't do bot challenges where it's clear it's an authenticated session, so I've had to add in slim/light auth checks, since Koha's existing auth checks are too heavy weight.
If you want to check the passed session id, you will have to check the db..
Bots won't be passing a CGISESSID cookie, so there won't be a DB hit for the bots. If there is a cookie with a value, then the DB hit will be minor and likely for a real request, so it's quite efficient in the end. (Just not using Koha's current code which is not efficient hehe.)
Btw when I mentioned a plugin based idea, I was thinking more so Perl plugins rather than Koha plugins per se - just because of the slowness of Koha plugins, but something to explore...
See comment6. This plugin is not called via Plugins->call, does not hit the db. So it is always 'enabled' ;) All for speed indeed.
Yeah I saw the comment but haven't dug into the code yet to confirm it. I probably won't have time until May at the earliest I suspect... -- You are receiving this mail because: You are watching all bug changes.