So, the solution is to check whether getAttribute is returning the default
value which could be due to two reasons
1. Session timeout
2. User still not has set the session variable
How do we find out if default is returned for which reason ? I hope I am
making sense.
Thanks
Deepak
On Fri, Sep 25, 2009 at 4:36 PM, Gareth McCumskey <gmccums...@gmail.com>wrote:
> Like I said, on your login action, set the unset your own session variables
> if you don't want the user to retain session variables on timeout of
> session. Process is like this:
>
> - User logs in the first time.
> - During the course using the application your code sets certain session
> variables.
> - User walks away and while he is away the session times out
> - When he comes back and tries to carry on using the application, he gets
> redirected to login screen because of session timeout.
> - When he resubmits his credentials, your login action will unset any
> session variables he may have created in his previous session.
>
> That way, whether the user logs out manually or gets timed out, session
> variables are unset each time.
>
> The advantage of this approach is simply that you then have full control
> over what session variables a user can "keep" after timeout or logout.
>
>
> On Fri, Sep 25, 2009 at 12:38 PM, DEEPAK BHATIA
> <toreachdee...@gmail.com>wrote:
>
>> Thanks Gareth.
>>
>> The point I am seeing is that in case user has logged out while the
>> session had not expired, user can still get back the session variables he
>> has created if logs-in again.
>>
>> However say user opened a web page and forgot to do anything with that web
>> page and the session expired then as soon as user starts, user will get NULL
>> values from the session variables. Means the session variable will not be
>> set to anything.
>>
>> If session variable is not set to anything then the default value is
>> returned.
>>
>> Is my algorithm of understanding session variables as per your
>> explaination ?
>>
>> Thanks
>>
>> Deepak Bhatia
>>
>>
>>
>>
>>
>>
>> On Fri, Sep 25, 2009 at 4:01 PM, Gareth McCumskey
>> <gmccums...@gmail.com>wrote:
>>
>>> The session variables are not cleared automatically. If a user logs out
>>> only the symfony authenticated variable is set to false and all the session
>>> data you added to the user session is still available.
>>>
>>> This is actually a GOOD thing. In our example, our interface uses a
>>> tabbing system within the application stored in session. When a user logs
>>> out and logs back in he still has the tabs he made previously. There are
>>> other things that we manually remove from session on log out/log in.
>>>
>>> One way to ensure that the users session is emptied when he logs in again
>>> is on login manually set those session variables using
>>> sfUser->setParameter() to nothing.
>>>
>>>
>>> On Fri, Sep 25, 2009 at 12:13 PM, DEEPAK BHATIA <toreachdee...@gmail.com
>>> > wrote:
>>>
>>>> "The session object for the current user is accessed in the action with
>>>> the getUser() method and is an instance of the sfUser class. This class
>>>> contains a parameter holder that allows you to store any user attribute in
>>>> it. This data will be available to other requests until the end of the user
>>>> session, as shown in Listing 6-15."
>>>>
>>>> ================================================
>>>>
>>>> Hi,
>>>>
>>>> I have taken above from the Chapter 6 - Inside The Controller Layer.
>>>>
>>>> When a the user sessions ends, the session variables will have the
>>>> values returned as "NULL", I guess.
>>>>
>>>> So is it safe to redirect the action to error template in case session
>>>> variables returns NULL ?
>>>>
>>>> For example, in the line of code below, I assume that I get something
>>>> from 'allnames' session variable. However if it is "NULL", means the
>>>> session
>>>> is broken now.
>>>>
>>>> $current_name = $this->getUser()->getAttribute('allnames');
>>>>
>>>> Please suggest suitably.
>>>>
>>>> Thanks
>>>>
>>>> Deepak Bhatia
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Gareth McCumskey
>>> http://garethmccumskey.blogspot.com
>>> twitter: @garethmcc
>>>
>>>
>
>
> --
> Gareth McCumskey
> http://garethmccumskey.blogspot.com
> twitter: @garethmcc
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~----------~----~----~----~------~----~------~--~---
