I was having the same concern. I looked at session.php (under cake/libs/),
in function __initSession():
security: high : $this->cookieLifeTime = 0
security: medium : $this->cookieLifeTime = 7 * 86400
security: low : $this->cookieLifeTime = 788940000
foldiman wrote:
>
>
> I haven't found any documentation on this. But I'm assuming the
> Session.timeout and Cookie expiration date are not equal. In fact, by
> experimenting with the three different security levels, I found the
> following:
>
> low = cookie expires in 25 years
> medium = cookie expires in 1 week
> high = cookie expires at the end of the session
>
> Can anyone confirm these values? Also, I'm assuming a new session uses
> the same cookie if it exists rather than overwriting it....correct?
>
> Thanks.
> >
>
>
--
View this message in context:
http://www.nabble.com/Session.timeout-vs-session-cookie-expiration-date-tp23985613p23987281.html
Sent from the CakePHP mailing list archive at Nabble.com.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---