On Wed, 25 Apr 2001 17:48:48 -0700 (PDT), Rasmus Lerdorf
([EMAIL PROTECTED]) wrote:
>> I have a cookie that times out after an hour for security reasons.
>> About 1 out of 200 of my users send me an email saying they can't
>>log
>> into my site and I find out that it's usually because their clocks
>> are off. Has anyone had any luck using the time on the client to
>>set
>> cookies by instead of server time? I hate using javascript for
this
>> but I don't see much choice.
>
>Just use a session cookie (by not providing an expiry time) and add
>the
>server's expiry timestamp to the value of the cookie. Then when you
>get
>that cookie sent to you, check it against your server's time and
>make the
>decision on whether to accept the cookie or not based on that.
>
>That way you are immune from people not having their system clocks
>set
>right.
good idea. I'll do that.
- Mark
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
