Re: [PHP] Overriding session length in existing session?

2011-03-08 Thread Marc Guay 
Hi Scott,

I'm glad you resolved your problem.  I'm curious about your method
though, as it seems to be an entirely different approach to my own.
How do you refer to your session data throughout the rest of the site?
 Do you always reference the $_COOKIE variables or do you utilise
$_SESSION's at some point?

Marc

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-08 Thread Scott Baker 
On 03/08/2011 09:46 AM, Marc Guay wrote:
 Hi Scott,
 
 I'm glad you resolved your problem.  I'm curious about your method
 though, as it seems to be an entirely different approach to my own.
 How do you refer to your session data throughout the rest of the site?
  Do you always reference the $_COOKIE variables or do you utilise
 $_SESSION's at some point?

I'll summarize... Everytime I hit a page I open a session with a session
time of 7 days. If the user logs in correctly it stores the user
information in $_SESSION, and then the site sees their login info and
lets them past the login screen. If, at the login screen, they select
public terminal it sets the session cookie length to 0 and regenerates
the cookie to expire on browser close.

Everything after that is pulled from the $_SESSION variable.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-07 Thread Scott Baker 
On 03/04/2011 11:48 AM, Marc Guay wrote:
 I think that my suggestion is still a valid solution, someone correct
 me if I'm wrong.  Let's say your code went like this:
 
 session_start();

I did a ton of digging and came up with session_regenerate_id()

In my header.php I start the session as normal, and IF the user selects
public terminal I use the call set the session cookie length as 0 and
then regenerate the session cookie.

if ($public_term) {
   session_set_cookie_params(0);
   session_regenerate_id();
}

This way it defaults to a cookie of X days, but if it's a public
terminal it resets the cookie to expire at browser close.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-07 Thread Scott Baker 
On 03/04/2011 11:48 AM, Marc Guay wrote:
 I think that my suggestion is still a valid solution, someone correct
 me if I'm wrong.  Let's say your code went like this:
 
 session_start();

I did a ton of digging and came up with session_regenerate_id()

In my header.php I start the session as normal, and IF the user selects
public terminal I use the call set the session cookie length as 0 and
then regenerate the session cookie.

if ($public_term) {
   session_set_cookie_params(0);
   session_regenerate_id();
}

This way it defaults to a cookie of X days, but if it's a public
terminal it resets the cookie to expire at browser close.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-05 Thread tedd 

At 5:00 PM -0800 3/3/11, Scott Baker wrote:

On 03/03/2011 04:31 PM, tedd wrote:

  Simple answer -- put session_start() at the start of your code -- first

 line.


Of index.php or header.php? You lost me.

--
Scott Baker - Canby Telcom


Scott:

The statement should be at the start of every php file that has php code in it.

For example, if you have three web pages (index.php, services.php, 
and contact.php) AND you have php code in each that share session 
data, then the first statement in every page should be:


?php  session_start;

Here's a working example:

http://www.webbytedd.com/b/sessions/index.php

The code is there.

Cheers,

tedd

--
---
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-05 Thread Marc Guay 
 The statement should be at the start of every php file that has php code in 
 it.

Hi Tedd,

Normally I'd agree with this but having never used the function
session_set_cookie_params() before, I looked it up, and the manual
says to put it before session_start().

Set cookie parameters defined in the php.ini file. The effect of this
function only lasts for the duration of the script. Thus, you need to
call session_set_cookie_params() for every request and before
session_start() is called. 

Marc

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-05 Thread tedd 

At 1:29 PM -0500 3/5/11, Marc Guay wrote:
  The statement should be at the start of every php file that has 
php code in it.


Hi Tedd,

Normally I'd agree with this but having never used the function
session_set_cookie_params() before, I looked it up, and the manual
says to put it before session_start().

Set cookie parameters defined in the php.ini file. The effect of this
function only lasts for the duration of the script. Thus, you need to
call session_set_cookie_params() for every request and before
session_start() is called. 

Marc



Marc:

Okay, but read on -- there seems to be debate on it.

Cheers,

tedd

--
---
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-04 Thread Marc Guay 
 This is called globally in *all* my scripts. In another script I'd
 really like to set the session to expire after the browser closes if a
 uses clicks public terminal or something.

Howdy.  Don't sessions expire when the browser closes as a rule?  Do
you mean the session cookie?  Why not store the cookie, if one exists,
 in a $_SESSION variable in your header file and then refer to that in
the rest of your code, rather than the cookie.  Then when you want to
destroy the session cookie, you can overwrite it and the existing
session will still flow using the $_SESSION vars until the browser
closes.

It's early here, I hope that sort of makes sense and that I've at
least sort of understood the problem.

Marc

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-04 Thread Marc Guay 
I think that my suggestion is still a valid solution, someone correct
me if I'm wrong.  Let's say your code went like this:

session_start();

 // Check to see if the session variable has already been set, if not
if (!isset($_SESSION['var'])){

// Check to see if it's been stored in a cookie
if (isset($_COOKIE['var'])){
$_SESSION['var'] = $_COOKIE['var'];
}

// If not, set the session variable and store it in a cookie for 7 days
else{
$_SESSION['var'] = value;
setcookie (var, $_SESSION['var'], time()+86400 * 7, /, 
.domain.com);
}
}   
echo Here I am using my session variable, it's value is .$_SESSION['var'];


So if that's in the header of every page, but you want to make an
acception if the person is using a public computer, you just add
something like:

if ($_POST['public_terminal'] === TRUE){

// Delete the cookie
setcookie(var,,time() - 3600);  
}

echo Here I am *still* using my session variable, it's value is
.$_SESSION['var']. and it will expire when the browser closes;


Marc

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Overriding session length in existing session?

2011-03-03 Thread Scott Baker 
I have a global header.php file that sets up a bunch of stuff: DB,
global variables, and does session_start(). My header.php looks like this:

#header.php
$cookie_life = (86400 * 7); // Cookies last for seven days
session_set_cookie_params($cookie_life,/,.domain.com,true);
session_start();

This is called globally in *all* my scripts. In another script I'd
really like to set the session to expire after the browser closes if a
uses clicks public terminal or something.

I thought I could just set the session cookie to expire after the
browser closes. Can I override the already started session by doing
something like this in my index.php:

#index.php
include('header.php');
setcookie(session_name(), '', 0 ,/,.domain.com);

When I do this the session expires IMMEDIATELY. I must be missing something?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-03 Thread tedd 

At 2:58 PM -0800 3/3/11, Scott Baker wrote:

I have a global header.php file that sets up a bunch of stuff: DB,
global variables, and does session_start(). My header.php looks like this:

#header.php
$cookie_life = (86400 * 7); // Cookies last for seven days
session_set_cookie_params($cookie_life,/,.domain.com,true);
session_start();

This is called globally in *all* my scripts. In another script I'd
really like to set the session to expire after the browser closes if a
uses clicks public terminal or something.

I thought I could just set the session cookie to expire after the
browser closes. Can I override the already started session by doing
something like this in my index.php:

#index.php
include('header.php');
setcookie(session_name(), '', 0 ,/,.domain.com);

When I do this the session expires IMMEDIATELY. I must be missing something?


Simple answer -- put session_start() at the start of your code -- first line.

Cheers,

tedd

--
---
http://sperling.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Overriding session length in existing session?

2011-03-03 Thread Scott Baker 
On 03/03/2011 04:31 PM, tedd wrote:
 At 2:58 PM -0800 3/3/11, Scott Baker wrote:
 I have a global header.php file that sets up a bunch of stuff: DB,
 global variables, and does session_start(). My header.php looks like
 this:

 #header.php
 $cookie_life = (86400 * 7); // Cookies last for seven days
 session_set_cookie_params($cookie_life,/,.domain.com,true);
 session_start();

 This is called globally in *all* my scripts. In another script I'd
 really like to set the session to expire after the browser closes if a
 uses clicks public terminal or something.

 I thought I could just set the session cookie to expire after the
 browser closes. Can I override the already started session by doing
 something like this in my index.php:

 #index.php
 include('header.php');
 setcookie(session_name(), '', 0 ,/,.domain.com);

 When I do this the session expires IMMEDIATELY. I must be missing
 something?
 
 Simple answer -- put session_start() at the start of your code -- first
 line.

Of index.php or header.php? You lost me.

-- 
Scott Baker - Canby Telcom
System Administrator - RHCE - 503.266.8253

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php