I think a database session would be of more use to you since you would have more control over the lifetime of the session etc........
"Lowell Allen" <[EMAIL PROTECTED]> schreef in bericht [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > From: "Hans Prins" <[EMAIL PROTECTED]> > > > > can you show us the PHP code that you use to manage your session? > > Sure. You say in a following post: > > > I am asking because if you are using: session_set_cookie_params(), the > > effect of this function only lasts for the duration of the script. > > I'm not using session_set_cookie_params(). The session.cookie_lifetime > setting is 0; I don't specify anything about cookies. > > I have a login function that checks username/password against database > values, then on the content management system index page I do: > > if (login($username, $password) { > $user = $username; > session_register("user"); > } > > All pages within the cms have session_start(); following a require_once() > statement, output some HTML, then call check_valid_user(), shown below: > > function check_valid_user() { > global $user; > if (session_is_registered("user")) { > echo("<p>Logged in as $user.</p>"); > } else { > ?> > <h3>Problem: You are not logged in.</h3> > <p><a href="login.php">Login</a></p> > </body> > </html> > <? > exit; > } > } > > That's it. > > -- > Lowell Allen > > > > "Lowell Allen" <[EMAIL PROTECTED]> schreef in bericht > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >> I'm using sessions for authentication in a content management system and > >> experiencing rare but occasional problems with the session apparently > >> expiring unexpectedly. I've checked the manual and I've reviewed the > > session > >> configuration on the commericial host I'm using. I don't see anything > > wrong, > >> but there are some settings that I don't understand: > >> > >> session.gc_maxlifetime 1440 -- Garbage collection after 24 minutes? Does > >> this mean that the session id and session variables will be cleared after > > 24 > >> minutes of inactivity? (Surely not; that doesn't make sense.) And cleared > >> from where, the directory specified in session.save_path? > >> > >> session.save_path /tmp -- The session id and session variables are stored > > in > >> this directory, and it's more secure to specify a different directory. Is > > it > >> more stable to specify a different directory? Is it more stable to use a > >> database? > >> > >> session.cache_expire 180 -- The cache expires after 3 hours? If > >> session.cache_limiter is set to nocache, is session.cache_expire relevant? > >> > >> Basically, I want users to be able to stay logged in to the content > >> management system indefinitely, but my tests show that after about 2 hours > >> of inactivity, the session expires. (Going to a different page causes the > >> session variable that identifies the user to be checked with > >> session_is_registered(), and access is denied if the variable isn't > >> registered.) Some users have reported this happening after about 30 > > minutes. > >> > >> I'm on LInux, PHP 4.1.2, session.cookie_lifetime setting is 0, > >> session.use_cookies setting is On, session.use_trans_sid setting is 1, and > >> other configurations as mentioned above. Why are sessions expiring? > > Comments > >> and directions to more information are appreciated. > >> > >> -- > >> Lowell Allen > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
