Hi Darby,
I found this quote of Ralph in the archive :
a. You start a session..
b. Do stuff..
c. Go to login page, complete and click remember me..
d. Now, your controller/script detects the posted rememberme, and then
issues a Zend_Session_Core::rememberMe();
d1. what happens now is the client is sent a cookie named REMEMBERME=true,
e. The next page visit that Zend_Session is started on will see the
REMEMBERME cookie, then change the SESSION COOKIE to a persistent cookie
(for as long as the remember me secionds value). The REMEMBERME cookie
is then destroyed as its served its purpose. f. Now you have a session
cookie that will end at a specific time in the future, not when the
browser closes.
I’m going to use this technique to solve my problem
But I'm wondering why it haven’t been implemented this way? Well, I
guess that Zend_Session ::rememberMe() is not specific to authentification.
What do you think of a Zend_Auth::setRememberMe() to place in your Auth
Controller and a Zend_Auth::rememberMe() in the bootstrap that well
check for a specific cookie then proxy to Zend_Session ::rememberMe() ?
Darby Felton a écrit :
Hi Laurent,
IIRC, Zend_Session::rememberMe() uses session_set_cookie_params(). Thus,
it must be called before the session is started to work properly. This
is documented here:
http://framework.zend.com/manual/en/zend.session.global_session_management.html#zend.session.global_session_management.rememberme
Sorry for the long URL. :)
Best regards,
Darby
Laurent Melmoux wrote:
Hi all,
Until now I had call Zend_Session::start() at the beginning of bootstrap
file, so far so good.
But now, I would like to add a remember me option on my login form, so
if the authentification succeed and the remember me have been checked I
call Zend_Session::rememberMe()... But it won’t work because the session
is already started!
What do you consider as best practice to deal with this use case?
Where Zend_Session::start() should be called ?
Regards
--
Laurent Melmoux - [EMAIL PROTECTED]
Annecy - France
