How to set a session to either 365 days or to when browser closes | | |
I have this PHP code (PHP5):
if($autologin == "on")
session_set_cookie_params(60*60*24*365); // 365 days
else
session_set_cookie_params(0); // when browser closes
session_start();
In my php.ini file I have this line, which I guess will give me a 365
days timeout on my PHPSESSID server session:
session.cookie_lifetime = 31536000
My problem is, that whatever I do, the session is set to 365 days no
matter if I have "autologin" on or off. Autologin is a checkbox that
asks the user if he wants to login automatically every time he visits my
page.
If I set the session.cookie_lifetime to the default value of 0, the
session expires always when the browser closes.
What am I doing wrong?
| | | | re: How to set a session to either 365 days or to when browser closes
FamB wrote:[color=blue]
> My problem is, that whatever I do, the session is set to 365 days no
> matter if I have "autologin" on or off. Autologin is a checkbox that
> asks the user if he wants to login automatically every time he visits
> my page.
>[/color]
session_set_cookie_params() should be called before session_start(), is this
the case?
JW
| | | | re: How to set a session to either 365 days or to when browser closes
Janwillem Borleffs wrote:[color=blue]
> session_set_cookie_params() should be called before session_start(),
> is this the case?
>[/color]
Another problem can be the way you are accessing the value of the autologin
checkbox. The way you are doing this relies on register_globals being
enabled, which isn't the case by default in PHP5.
See if using $_REQUEST['autologin'] instead of using $autologin solves the
problem when session_set_cookie_params() and session_start() are called in
the correct order.
JW
| | | | re: How to set a session to either 365 days or to when browser closes
>>session_set_cookie_params() should be called before session_start(),[color=blue][color=green]
>>is this the case?[/color][/color]
No. See my code? ;-) It is not all the code, but just the session part
of it.
[color=blue]
> Another problem can be the way you are accessing the value of the autologin
> checkbox. The way you are doing this relies on register_globals being
> enabled, which isn't the case by default in PHP5.
>
> See if using $_REQUEST['autologin'] instead of using $autologin solves the
> problem when session_set_cookie_params() and session_start() are called in
> the correct order.[/color]
That is not the problem either. I can read the autologin value, as I get
it from the REQUEST.
The problem is, that it doesn't matter whast I write in the
"session_set_cookie_params(whatever)" function - the timeout is always
the value I have specified in the php.ini file
(session.cookie_lifetime=31536000)
| | | | re: How to set a session to either 365 days or to when browser closes
FamB wrote:[color=blue]
> No. See my code? ;-) It is not all the code, but just the session part
> of it.
>[/color]
Your code snippet doesn't reveal if session_start is called before or after
session_set_cookie_params(), that's why I'm asking.
To quote the manual:
"The effect of this function only lasts for the duration of the script.
Thus, you need to call session_set_cookie_params() for every request and
before session_start() is called."
JW
| | | | re: How to set a session to either 365 days or to when browser closes
>>No. See my code? ;-) It is not all the code, but just the session part[color=blue][color=green]
>>of it.[/color]
>
> Your code snippet doesn't reveal if session_start is called before or after
> session_set_cookie_params(), that's why I'm asking.
>
> To quote the manual:
> "The effect of this function only lasts for the duration of the script.
> Thus, you need to call session_set_cookie_params() for every request and
> before session_start() is called."[/color]
if($autologin == "on")
session_set_cookie_params(60*60*24*365); // 365 days
else
session_set_cookie_params(0); // when browser closes
session_start();
I am sorry, but how can you be in doubt, that session_start is called
after session_set_cookie? There is an if-else before session_start.
:-)
| | | | re: How to set a session to either 365 days or to when browser closes
FamB wrote:[color=blue]
> I am sorry, but how can you be in doubt, that session_start is called
> after session_set_cookie? There is an if-else before session_start.
> :-)[/color]
Overlooked that one completely.... Anyways, what happens when you run the
following script:
<?php
session_set_cookie_params(0);
session_start();
if (!isset($_SESSION['debug'])) {
print "setting debug";
$_SESSION['debug'] = 1;
} else {
print $_SESSION['debug'];
}
?>
Each time you close your browser, the "setting debug" message should be
displayed. When this is the case, it's possible the session part of your
code is never reached for some reason.
JW
|  |
| | |  /bytes/about
We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights.
Get the best answers to your questions from over 226,376 network members.
|
