Hi, Wednesday, December 4, 2002, 1:04:07 PM, you wrote: S> I have a similar problem only my sessions expire once you leave the site, S> even for a second. I'm not so experienced with cookies so how can I fix S> this?
S> ----- Original Message ----- S> From: "Tom Rogers" <[EMAIL PROTECTED]> S> To: "John W. Holmes" <[EMAIL PROTECTED]> S> Cc: "'Gerard Samuel'" <[EMAIL PROTECTED]>; "'php-gen'" S> <[EMAIL PROTECTED]> S> Sent: Tuesday, December 03, 2002 9:52 PM S> Subject: Re[2]: [PHP] How to handle "so called" expired sessions?? >> Hi, >> >> Wednesday, December 4, 2002, 4:01:07 AM, you wrote: >> >> Ive just been getting myself deep into using sessions. >> >> Sessions are working as it should except for one condition. >> >> Say I log into the site, and the session is started, and I don't do >> >> anything for the next 30 mins, then go back to the site. >> >> Im temporarily logged out, but because the session cookie is still >> JWH> good, >> >> the next page load logs me back in. >> >> How do the people who use sessions handle this type of scenario?? >> >> JWH> Whether your logged back in or not is dependant on your program. Once >> JWH> you are gone for over X minutes, your session file is deleted. So, S> even >> JWH> though the cookie is still good, the session will not have any data. >> JWH> What's usually done is to check for a certain session value, like >> JWH> $_SESSION['logged_in'] and if it's present, then continue, otherwise >> JWH> force the user to log back in again. >> >> JWH> ---John Holmes... >> >> Not quite that simple as the cleanup proccess may not have run and the S> data is >> still sitting there, I use msession so I am not sure if the normal session S> stuff >> will return expired data after it expires and before it is S> deleted....msession >> does so I hacked it to cleanup if expired data is requested. >> >> -- >> regards, >> Tom >> >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> You will have to put phpinfo(32); at the top of your page and see what the browser is sending for session info sounds like it is not sending the session cookie. Are you using apache style authentication? netscape will not send a cookie and auth info together (at least that is what I have noticed when I tried that style of authenticating and eventually abandoned it :) -- regards, Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
