All, Symfony uses the php session handler to manage user state. You can change anything you need, by looking at the session factory. You can easily sign and encrypt your cookies and make them safe. Just override setCookie/getCookie.
Cheers, Dustin On 4/29/08 8:30 AM, "Tom Haskins-Vaughan" <[EMAIL PROTECTED]> wrote: > > No problem. > > So what would you recommend storing in a cookie (I've never used them to > be honest)? A random string maybe? unique to each user > > DC wrote: >> I`ll do that, manage my own cookie, but I'd suggest not just saving >> the userID, because such cookies are easy to toy with. >> In any case, thanks a lot for your time and insight! >> >> On Apr 29, 6:22 pm, Tom Haskins-Vaughan <[EMAIL PROTECTED]> >> wrote: >>> I'm getting out of my depth here, but I think because symfony relies on >>> the native php session that you can't maintain a session after someone >>> has closed the browser. Anyone else? >>> >>> I think your best bet is to create a separate cookie when the user logs >>> in and assign his user id to that cookie. Then each time a user visits >>> the site, "log them in automatically" using the user id stored in the >>> cookie. >>> >>> DC wrote: >>>> Exactly. I was thinking maybe I can change that, so that user session >>>> will only expire on timeout, and not when users close their browser. >>>> The symfony cookie's default expire is set to zero. >>>> What I wanna know is, would changing that to 2 weeks work? And how >>>> would I go ahead and do that? >>>> On Apr 29, 6:05 pm, Tom Haskins-Vaughan <[EMAIL PROTECTED]> >>>> wrote: >>>>> My understanding is that the user session will timeout either when a >>>>> user closes his/her browser or when the time limit has expired. >>>>> I think you want to create a separate cookie, i.e. not the session cookie. >>>>> DC wrote: >>>>>> I'm trying to keep users logged in for 2 weeks. >>>>>> I've changed the timeout setting to 2 weeks (sf_timeout: 1209600), but >>>>>> the symfony cookie expires at the end of the session. >>>>>> Any way I can fix that? >>> >> > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
