I have try to set
define('CAKE_SECURITY', 'high');
but when the browser is closed the session does not expire.
On 12 Ott, 00:27, Grant Cox <[EMAIL PROTECTED]> wrote:
> There have been threads like this before, where the question was
> really "why are Cake sessions persisting even after closing and re-
> opening the browser", and the answer is that you have changed the
>
> define('CAKE_SECURITY', 'high');
>
> in your /app/config/core.php to something other than 'high'. In
> either 'medium' or 'low' the Cake session id is stored in a cookie
> that does not expire when the browser is closed. Set it to 'high' and
> this cookie will expire, and your browser will not have the same
> session.
>
> Wayne's answer is still correct though - unless a user logs out your
> server cannot know to invalidate their session, which is why they have
> a timeout limit.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
