I too am very interested in this topic ! --- In flexcoders@yahoogroups.com, "dorkie dork from dorktown" <[EMAIL PROTECTED]> wrote: > > Could you give an example of how you do this? If this is secure it sounds > much easier to handle. > > On 04 Apr 2007 10:12:22 -0700, Ray Horn <[EMAIL PROTECTED]> wrote: > > > > Rather than worry about the server session why not simply maintain the > > session state in the client since it is assume your client is running a SWF > > ala Flex. The fact that the client has accomplished a login could be > > handled by sending a specific token to the server as long as the token is > > some kind of UUID value that is known to be random yet non- sequential. > > > > I have coded this into a Flex Object that subclasses the HTTPService and > > once setup needs no further maintenance. In my specific case my app is > > always logged-in since it runs via an Intranet however my initial > > HTTPService call gets the user's metadata from the server and then I pass > > the user's ID back to the server on each HTTPService call but this is done > > transparently. > > > > Just a suggestion. I realize this may not be in keeping with the way most > > people might apprach this sort of problem. > > > > ----- Original Message ---- > > From: dordea cosmin <[EMAIL PROTECTED]> > > To: flexcoders@yahoogroups.com > > Sent: Wednesday, April 4, 2007 1:27:44 AM > > Subject: Re: [flexcoders]PHP and Flex questions > > > > > > When a Flex application in a browser communicates with a php page for the > > first time a session is created. This is the same behavior as user receiving > > a PHP page in their browser. > > - true , but the session is created only if the php installed in your > > server is configured to auto start a session or you manually start the > > session in your scrip. > > > > - This session that is created last indefinitely with Flex applications > > because Flex keeps the connection open / session alive on the server. > > > > I am not sure if this is 100% true , but i believe by default , the http > > headers send Connection: Keep-Alive, so sessions remain alive. In my > > application it works okay, session doesn't expire while flex application > > runs. However, I believe if you send custom HTTP headers this behavior can > > be lost. > > > > > > - Flex keeps the connection alive by periodically pinging the server. > > same as above > > > > > > - Sessions will never timeout due to this behavior. > > same as above > > > > > > - When the user navigates away from the Flex application the session will > > timeout on the server. > > > > true , it will timeout in the time specified in your php.ini > > > > > > To manually timeout a session on the server call a page or function that > > executes this code " session.destroy( );" <-- not sure what the > > recommended method to clear the session on the server. > > > > > > - true , depending on your php session you will call the correct function > > to destroy the session > > > > Hope this helps. > > > > ----- Original Message ---- > > From: dorkie dork from dorktown <dorkiedorkfromdorkt [EMAIL PROTECTED] com> > > To: [EMAIL PROTECTED] ups.com > > Sent: Tuesday, April 3, 2007 8:37:15 PM > > Subject: [flexcoders] PHP and Flex questions > > > > Can someone tell me if these statements are true or false and if false > > what is the correct answer? > > > > - When a Flex application in a browser communicates with a php page for > > the first time a session is created. This is the same behavior as user > > receiving a PHP page in their browser. > > > > > > - This session that is created last indefinitely with Flex applications > > because Flex keeps the connection open / session alive on the server. > > > > - Flex keeps the connection alive by periodically pinging the server. > > > > - Sessions will never timeout due to this behavior. > > > > - When the user navigates away from the Flex application the session will > > timeout on the server. > > > > - To manually timeout a session on the server call a page or function that > > executes this code " session.destroy( );" <-- not sure what the > > recommended method to clear the session on the server. > > > > > > Any answers will help even partial. > > > > > > ------------------------------ > > 8:00? 8:25? 8:40? Find a flick<http://tools.search.yahoo.com/shortcuts/? fr=oni_on_mail&#news>in no time > > with theYahoo! Search movie showtime shortcut.<http://tools.search.yahoo.com/shortcuts/? fr=oni_on_mail&#news> > > > > > > > > >