Following this instructions, I get session lifetime longer, but if remember me is not checked, and I call Zend_Session::ForgetMe(); it has no effect, because I call it in my user model, and session is started in bootstrap.
Any idea how to do this earlyer, or regenerate session after forgetMe call, or...? Regards, Saša Stamenković On Wed, Mar 10, 2010 at 8:28 PM, Саша Стаменковић <[email protected]>wrote: > Looks like it's possible http://www.phpriot.com/articles/zend-session/5, > but it says: > > *Caution:* Ensure your sessions are written to a different filesystem > location than for other web sites, since another site will likely use the > lower garbage collection time, thereby resulting in your sessions being > cleaned-up anyway. > > Regards, > Saša Stamenković > > > > On Wed, Mar 10, 2010 at 3:58 PM, Саша Стаменковић <[email protected]>wrote: > >> Ah, yes. That way you'll set session time for all users. >> >> So, hash in cookie, and some table, and check when he returns then >> reauthenticate. Damn, too much work :) >> >> Regards, >> Saša Stamenković >> >> >> >> On Wed, Mar 10, 2010 at 3:45 PM, Jurian Sluiman < >> [email protected]> wrote: >> >>> On Wednesday 10 Mar 2010 15:38:39 Саша Стаменковић wrote: >>> > Yes, but if you change it from ini, you change it on every request, so >>> no >>> > conditional changes in the code, thats what holografix is talking >>> about. >>> > >>> > So, if you keep it default, no ini, you can change it with >>> > >>> > if ($form->getValue('remember')) { >>> > ini_set('session.gc_maxlifetime', 604800); >>> > } >>> > >>> > if user checked remember me. >>> > >>> > Regards, >>> > Saša Stamenković >>> >>> Another option is not to use the session time for specific user logins. >>> Sessions are server side and are probably application wide. So you can't >>> have >>> a session time per user login. If you need to keep the user logged in, a >>> cookie is meant to support this. >>> >>> Regards, Jurian >>> -- >>> Jurian Sluiman >>> CTO Soflomo V.O.F. >>> http://soflomo.com >>> >> >> >
