There are a two known things I remember reading about: Ajax (or rapid-fire fingers) conflicting with high security levels. Setting security to medium or lower should fix that. There is also the possibility that your host does a bit of "clean-up" in php's sessions dir. Using cake sessions should fix that... I think.
I had these random logouts and it turned out to be a problem with the security level being to high (if you call that a problem). Displaying a form and having some ajax on the page can make the temporary security hash in the form become "old" and then you are logged out for being a hacker. :) On Jan 26, 3:25 pm, "[email protected]" <[email protected]> wrote: > On Jan 23, 10:53 pm, brian <[email protected]> wrote: > > > Did you look into how the different Security levels affect Cake > > sessions? I'm sure it's in the cookbook. Otherwise, there's always the > > google. > > I played with the different setting but the behavior seems more random > than > anything else. > > Anybody else has any insight? > > > On Fri, Jan 23, 2009 at 10:51 PM, [email protected] > > > <[email protected]> wrote: > > > > On Jan 23, 3:31 pm, brian <[email protected]> wrote: > > >> I believe the Security.level (in core.php) affects how soon Cake > > >> sessions last. > > > > My 'Security.level' is set to 'low' and 'Session.timeout' to '1440'. > > > Shouldn't my sessions last 5 days? They don't :-( > > > >> On Fri, Jan 23, 2009 at 2:32 PM, [email protected] > > > >> <[email protected]> wrote: > > > >> > Hi, > > > >> > Can someone explain me how sessions work in CakePHP once and for all? > > > >> > I'm using CakePHP 1.2.0.7296 RC2 and PHP 5.2.6 > > > >> > I have the following setting in my core.php file: > > > >> > Configure::write('Session.save', 'cake'); // I tried both 'php' and > > >> > 'cake' with the same results > > >> > //Configure::write('Session.table', 'cake_sessions'); > > >> > //Configure::write('Session.database', 'default'); > > >> > Configure::write('Session.cookie', 'CAKEPHP'); > > >> > Configure::write('Session.timeout', '1440'); > > >> > Configure::write('Session.start', true); > > >> > Configure::write('Session.checkAgent', true); > > >> > Configure::write('Security.level', 'low'); > > > >> > And the following PHP settings: > > > >> > session.cache_expire 7200 > > >> > session.cookie_lifetime 0 > > >> > session.gc_maxlifetime 432000 > > >> > session.use_cookies On > > >> > session.use_only_cookies Off > > > >> > My expectation is that my sessions should last 1400sec * 300 (for > > >> > 'low') or 5 days. > > >> > Yet, without closing my browser, my sessions will become unavailable > > >> > once or > > >> > twice a day. I.e. code that checks for a valid username in the session > > >> > gets > > >> > nothing and 'logs me out'. > > > >> > I have had this behavior hapenning in a couple of CakePHP applications > > >> > I > > >> > developed. What am I missing? > > > >> > Thank you --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
