Sessions and expiring cookies
From: Derek Fountain (nospam_at_example.com)
Date: 01/15/05
- Next message: Alvaro G. Vicario: "Re: error handling"
- Previous message: Chris Newey: "Re: Combining SSI, PHP, and CGI in Apache 2.x"
- Next in thread: R. Rajesh Jeba Anbiah: "Re: Sessions and expiring cookies"
- Reply: R. Rajesh Jeba Anbiah: "Re: Sessions and expiring cookies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 15 Jan 2005 18:43:21 +0800
I set my session parameter so the session is a few minutes long, and if the
user goes inactive for that period the session expires. Two questions:
1) What mechanism actually expires the session? That is, what says "hang on,
the time limit has passed, so that's no longer valid"? It can't be the
browser, since that might be subverted or buggy. So does a browser send an
expired cookie value anyway and trust the website to spot it has expired?
2) How do I tell in my PHP that a session has expired? My code has a
start_session() at the top, and uses of $_SESSION[xxx] underneath, but
somewhere I should be checking that the session hasn't expired, shouldn't
I? Or maybe start_session() does that for me somehow?
-- The email address used to post is a spam pit. Contact me at http://www.derekfountain.org : <a href="http://www.derekfountain.org/">Derek Fountain</a>
- Next message: Alvaro G. Vicario: "Re: error handling"
- Previous message: Chris Newey: "Re: Combining SSI, PHP, and CGI in Apache 2.x"
- Next in thread: R. Rajesh Jeba Anbiah: "Re: Sessions and expiring cookies"
- Reply: R. Rajesh Jeba Anbiah: "Re: Sessions and expiring cookies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
