Hi,
I am also planning to enable HTTPS in the login form in the future...
just for security sake... but, making the user session login system
must work for now...
thanks all for the advice, guyz!
On Aug 6, 1:07 am, Vaz <[EMAIL PROTECTED]> wrote:
> The way I did it was to save an indicator in the (web tier) Session
> object. Most common I have seen is to save the id for that user. Aka:
> if successful login
> $this->Session->write('uid', $userid)
> where userid is the id for the user.
>
> The controller should be designed such that if there is a valid
> Session object [$this->Session->valid() ] but there is no uid in the
> Session object, then user is not logged in and forward the user to the
> login function.
>
> On logout, make sure to destroy session [ $this->Session->destroy() ]
> or remove the uid if the user is still allowed to access other areas
> of the site without being authenticated.
>
> The parameters that defines how long a session is considered to be
> active is different to the CAKE_SESSION_SAVE.
>
> On Aug 5, 4:40 am, phpcurious <[EMAIL PROTECTED]> wrote:
>
> > Hi,
>
> > I am getting frustrated with the session component in cakephp
> > 1.1.xxx .
> > I already configured core.php to define('CAKE_SESSION_SAVE',
> > 'database');
>
> > but how do i retrieve current session to check if current session is
> > still active ?
> > by using $this->cake_session->findAll($id) ? how do i get the $id?
>
> > if you have alternatives that you can tell me, I would be very glad to
> > know.
> > please help...
>
> > thanks in advance!
> > ;p
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
