Yes it definitely works, I login (ticking remember me), close the browser, open the browser again and it remembers me.
I thought I had to set remember me before starting the session however I found someone else had done the same as I have, and on testing it works. I wonder is the cookie set only when needed, or is the remember me cookie set on the next request, which may be caused by my redirect? -----Original Message----- From: Laurent Melmoux [mailto:[EMAIL PROTECTED] Sent: Friday, 7 December 2007 5:35 PM To: Steven Brown Cc: 'Darby Felton'; 'Zend Framework General' Subject: Re: [fw-general] Zend_Session::start() and remember me Are you sure it is working? Zend_Session::rememberMe() is calling Zend_Session::rememberUntil() which is calling the php function session_set_cookie_params () (http://php.net/session_set_cookie_params) . This function configures the cookie use by the session. As Darby said it should be called before session_start() to work. Finally here is how I solve this issue: *In my AuthController, after a successful authentification :* // Set a cookie to notify the bootstrap how long the session cookie should last $duration = $this->_form->rememberme ? 1209600 : 0; setcookie("Zend_Auth_RememberMe", $duration, time()+6000, '/'); *In my bootstrap:* // Session include 'Zend/Session.php'; if(isset($_COOKIE["Zend_Auth_RememberMe"])){ Zend_Session::rememberUntil($_COOKIE["Zend_Auth_RememberMe"]); unset($_COOKIE["Zend_Auth_RememberMe"]); } Zend_Session::start(); Regards, -- Laurent Melmoux - [EMAIL PROTECTED] Annecy - France Steven Brown a écrit : > Actually I found I could call Zend_Session::rememberMe() after > Zend_Session::start() and it works. > > I call Zend_Session::start() in my bootstrap and Zend_Session::rememberMe() > in my login action. > > I expected it to not work after reading the manual however it seems to work > fine. > > -----Original Message----- > From: Laurent Melmoux [mailto:[EMAIL PROTECTED] > Sent: Friday, 7 December 2007 1:34 AM > To: Darby Felton > Cc: Zend Framework General > Subject: Re: [fw-general] Zend_Session::start() and remember me > > Darby Felton a écrit : > > >> >> >>> d1. what happens now is the client is sent a cookie named >>> > REMEMBERME=true, > >>> e. The next page visit that Zend_Session is started on will see the >>> REMEMBERME cookie, then change the SESSION COOKIE to a persistent cookie >>> (for as long as the remember me secionds value). The REMEMBERME cookie >>> is then destroyed as its served its purpose. f. Now you have a session >>> cookie that will end at a specific time in the future, not when the >>> browser closes. >>> >>> Im going to use this technique to solve my problem >>> >>> >> Yes, Ralph's explanation is fine and correct and does not conflict with >> the crux of my last message - that rememberMe() must be called before >> the session is started. >> >> > > Yes I totally agree with that. > > I think I dont explain myself very well :). > > My original question was, how can I keep Zend_Session::start() at the > beginning of my bootstrap and at the same time have my Auth Controller > works with the remember me fiture. > > So now I have an answer, by using Ralph technique, I can set a cookie in > the AuthController to notifies my bootstrap, to call > Zend_Session::remeberMe()in my next page load. > > Actually, I got mixed up with the session remember me and the > authentification remember me. It is 2 things even though the > authentification remember me is tight couple with the session.( may be > Zend_Session::setDuration() would be less confusing ? ) > > >> >> >>> But I'm wondering why it havent been implemented this way? Well, I >>> guess that Zend_Session ::rememberMe() is not specific to >>> > authentification. > >>> What do you think of a Zend_Auth::setRememberMe() to place in your Auth >>> Controller and a Zend_Auth::rememberMe() in the bootstrap that well >>> check for a specific cookie then proxy to Zend_Session ::rememberMe() ? >>> >>> >>> Darby Felton a écrit : >>> >>> >>>> Hi Laurent, >>>> >>>> IIRC, Zend_Session::rememberMe() uses session_set_cookie_params(). Thus, >>>> it must be called before the session is started to work properly. This >>>> is documented here: >>>> >>>> >>>> > http://framework.zend.com/manual/en/zend.session.global_session_management.h > tml#zend.session.global_session_management.rememberme > >>>> Sorry for the long URL. :) >>>> >>>> Best regards, >>>> Darby >>>> >>>> Laurent Melmoux wrote: >>>> >>>> >>>> >>>>> Hi all, >>>>> >>>>> Until now I had call Zend_Session::start() at the beginning of >>>>> > bootstrap > >>>>> file, so far so good. >>>>> >>>>> But now, I would like to add a remember me option on my login form, so >>>>> if the authentification succeed and the remember me have been checked I >>>>> call Zend_Session::rememberMe()... But it wont work because the >>>>> > session > >>>>> is already started! >>>>> >>>>> What do you consider as best practice to deal with this use case? >>>>> Where Zend_Session::start() should be called ? >>>>> >>>>> Regards >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> >>> >>> >> >> > > >
