[PHP] PHP SESSION DURATION.....
Hi, How do I go about making a session last longer that the duration of the browser? Say I wanted to make a session last for 1 month, so that I could close the browser as often I wanted, and the session would still be there. I found the explanations of the session function on PHP.net quite confusing. G... Oh for good documentation!!! Should I use session_cache_expire? Well, php.net says: The cache expire is reset to the default value of 180 stored in session.cache_limiter at request startup time. What about session_set_cookie_params? But php.net says the effect of this function only lasts for the duration of the script? Are session variables stored server-side or does that apply to cookies only? And what about session cookies? Are session cookies stored with the client? Please help Many thanks Keith -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: PHP SESSION DURATION.....
Correction: I meant to say: Are session variables stored server-side or client-side like cookies? Keith [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, How do I go about making a session last longer that the duration of the browser? Say I wanted to make a session last for 1 month, so that I could close the browser as often I wanted, and the session would still be there. I found the explanations of the session function on PHP.net quite confusing. G... Oh for good documentation!!! Should I use session_cache_expire? Well, php.net says: The cache expire is reset to the default value of 180 stored in session.cache_limiter at request startup time. What about session_set_cookie_params? But php.net says the effect of this function only lasts for the duration of the script? Are session variables stored server-side or does that apply to cookies only? And what about session cookies? Are session cookies stored with the client? Please help Many thanks Keith -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: PHP SESSION DURATION.....
Correction: I meant to say: Are session variables stored server-side or client-side like cookies? The session data is stored on the server. The session cookie (if there is one) is stored in the browser. How do I go about making a session last longer that the duration of the browser? Set the expiration on the session cookie so that it's a month from now, using the set_session_cookie_params() function. Also, force the users to accept cookies (somehow). Then change the garbage collection so that it won't trash session data for at least a month. Considering how inefficient all of that is, you might be better off storing the data in a database instead of a session and then storing the database record ID in a cookie in the browser. There are some serious security considerations here but it will get your results and won't rely upon PHP's sessions. Again, this isn't ideal but it's a start... Hope that helps, Larry -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP SESSION DURATION.....
On Wednesday, November 26, 2003, at 03:12 AM, Keith wrote: Hi, How do I go about making a session last longer that the duration of the browser? Say I wanted to make a session last for 1 month, so that I could close the browser as often I wanted, and the session would still be there. I found the explanations of the session function on PHP.net quite confusing. G... Oh for good documentation!!! The documentation is fine. It's the problem that needs to be addressed. A session is INTENDED to only last the duration of the browser -- that's the point. There is no way that I know of to have PHP's sessions last a month. For starters, that'd be pretty scary for a high traffic site with many users :) What you need is a way of remembering the person (or more accurately, the user agent) BETWEEN SESSIONS. How? You set a cookie on the client-side with (for example) a username in it, and next time they come back, you check for the cookie, and add that info to a NEW session. Ultimately, this will only work depending on WHAT you want to remember in between sessions. You can't (for example) set the session_id() as a cookie parameter and expect that next time the user returns, the same session id can be used. You should keep security in mind, and let users CHOOSE to have their details remembered. Not everyone has a dedicated computer -- they may be accessing the machine from a library, net cafe, friend's place, etc. You should also be prepared for the fact that not all user agents can/will accept cookies, so your application can't fall over / break if the cookies aren't maintained, or if I decide to access your site from home/work/laptop/pda/etc. Are session variables stored server-side or does that apply to cookies only? Session vars are stored server side. Maintaining state (that is, remembering the user agent between requests) is done EITHER with a cookie (client side) or via a GET (url) variable. In both cases, a session id is remembered, and used to retrieve the server-side session variables. And what about session cookies? Are session cookies stored with the client? session cookies are just cookies to remember the PHP session id. Justin French -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] session duration
Is there a way to programatically (inside a session) change session duration for the current session only? (using cookie-based sessions) ? -- - Ivan Voras ivoras @ fer.hr - - If I knew what I was doing, it wouldn't be called research. -- R. P. Bergman - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php