Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 10 of 10
  1. #1
    New Coder darksecu's Avatar
    Join Date
    Dec 2011
    Location
    India
    Posts
    99
    Thanks
    11
    Thanked 1 Time in 1 Post

    $_SESSION Validity

    On My Site I Set User Name And Other User Information In $_SESSION..
    I want to know if i can set validity of session, like session expire on browser restart is default, session close after 10 mins or 1 hour 10 days etc ?


    i tried to save value in $_cookie and then parse it to $_session..
    but members of my site were getting logged into my account [without doing anything], does cookie works same for every visitor on site ?


    ----------------------------
    Code Was Like This
    PHP Code:
    <?php
    ob_start
    ();
    session_start();
    $_SESSION[username]=$_COOKIE[username];

    // Other Config/Main Setting File Content -- Attached to Every Page //
    ----------------------------

    Basically my question is can i set $_SESSION for a time period or how to safely use cookies to store logged in user information (so dont get logged into my account)?
    When You Begin To Practice,That's The Time You Begin To Learn New Things.

  • #2
    Regular Coder Custard7A's Avatar
    Join Date
    Jul 2010
    Location
    Australia
    Posts
    286
    Thanks
    32
    Thanked 33 Times in 33 Posts
    $_SESSION uses cookies to store the data by default.

    Using session_set_cookie_params(0) before session_start() will make your session cookies expire when the browser is closed. You can substitute the number with a higher one to reflect the expiration time in seconds(session_set_cookie_params(600) would be 10 minutes). As for users being logged into your account, that is probably an issue with your script logic. I can't see how that would happen with the information you've provided.

  • #3
    New Coder darksecu's Avatar
    Join Date
    Dec 2011
    Location
    India
    Posts
    99
    Thanks
    11
    Thanked 1 Time in 1 Post
    actually i want users to decide for how long they want to keep logged in...
    can the time be set like this ?
    PHP Code:
    session_set_cookie_params($_COOKIE[user_decided_time]) 
    When You Begin To Practice,That's The Time You Begin To Learn New Things.

  • #4
    Banned
    Join Date
    Oct 2012
    Posts
    81
    Thanks
    0
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by Custard7A View Post
    $_SESSION uses cookies to store the data by default.

    Using session_set_cookie_params(0) before session_start() will make your session cookies expire when the browser is closed.
    Are you sure??

    I thought session variables, stored in $_SESSION, are stored on the actual web server and not on the user's local machine.

    I think you are confused with the session cooike which identifies the actual user session. session_set_cookie_params aets the session cookie paramaters and not other cookies' parameters.

  • #5
    Regular Coder Custard7A's Avatar
    Join Date
    Jul 2010
    Location
    Australia
    Posts
    286
    Thanks
    32
    Thanked 33 Times in 33 Posts
    Edit: I didn't read that last line properly. I don't actually know if session variables are stored on the server or not, I only meant it uses cookies to identify the session or for what-not. I believe setting the session cookies to expire would also be reflected on the entire session, at least, that's what I'm lead to believe.
    Last edited by Custard7A; 11-15-2012 at 06:34 AM.

  • #6
    Banned
    Join Date
    Oct 2012
    Posts
    81
    Thanks
    0
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by Custard7A View Post
    I don't actually know if session variables are stored on the server or not,
    I think you'll find that session variables (stored in the global $_SESSION array) are stored on the server and the session cookie to identify the session, if used, is stored on the user's local pc.

  • #7
    Regular Coder Custard7A's Avatar
    Join Date
    Jul 2010
    Location
    Australia
    Posts
    286
    Thanks
    32
    Thanked 33 Times in 33 Posts
    Thanks Minder, maybe I will research it a bit more sometime.

    @ darksecu: I assume that it would take variables, as long as you're passing it an integer.
    Last edited by Custard7A; 11-15-2012 at 06:57 AM.

  • #8
    New Coder darksecu's Avatar
    Join Date
    Dec 2011
    Location
    India
    Posts
    99
    Thanks
    11
    Thanked 1 Time in 1 Post
    Is it safe to re-customize my whole script and use $_COOKIE instead of using session ?
    When You Begin To Practice,That's The Time You Begin To Learn New Things.

  • #9
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,313
    Thanks
    58
    Thanked 525 Times in 512 Posts
    Blog Entries
    5
    I wouldn't do that no. You just need to set the lifetime of the session cookie.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • #10
    New Coder darksecu's Avatar
    Join Date
    Dec 2011
    Location
    India
    Posts
    99
    Thanks
    11
    Thanked 1 Time in 1 Post
    Quote Originally Posted by tangoforce View Post
    I wouldn't do that no. You just need to set the lifetime of the session cookie.
    I Tried to set session_set_cookie_params(20)
    but many time i found it didn't work well..

    but setcookie works well..
    When You Begin To Practice,That's The Time You Begin To Learn New Things.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •