Response inline..
scs wrote:
Hello,
I have 3 questions:
1. How can I find about a logged-in user's session data?
I would like to see when was the session started, how long has the user
been idle? and how much time left for session expire?
That is a tough one if you are using files. PHP's garbage collector
will run on a specific interval looking for files that have old
timestamps (outside of a specificed range), and once it finds them, it
will delete them.
If you wanted to iterate the session's file directory, you can get the
last modification or last access time of the files (whichever is
available) and you might get some information for when the last time the
session was active. You'd also have to actually open the files and
unserialize the data in order to determine who that session file belongs to.
Your other option is to put sessions in the database, that might give
you a bit more flexibility to do this kind of introspection at the
application level.
2. I have a session setting in my application.ini file related to
session's save_path as below:
resources.session.save_path = path_to_project"/data/sessions"
is path_to_project a constant? only PHP constants are replaced in ini
files, we typically use APPLICATION_PATH whcih is typically defined in
the public/index.php
If its the same as APPLICATION_PATH, then the files will be stored at
APPLICATION_PATH . '/data/sessions'. That directory will need to be
read/write by the web server.
Otherwise, the data is going somewhere else, typically into /tmp/
However, the session cookie files are not saved on this location. How
can I force this location?
3. I tried to implement remember me functionality for logins as below:
//if login successfull
Zend_Session::rememberMe($rememberMeSeconds);//remember me for 1 month.
But this code sends the user to login form and does not give any error.
However, when debugging via webdeveloper plugin, i see a cookie that is
valid through the rememberMeSeconds.
But still i have one more default cookie for the domain which is firstly
created.
What is the correct way to implement rememberme functionality?
Can you determine why the cookie is not staying set? Are you calling
this only after authentication or on every request? It should only be
during authentication that you call this method.
-ralph