Hi All,
First, just wanted to say that I found what I thought was a very helpful
tutorial on sessions in case anyone out there has questions on them:
http://www.free2code.net/tutorials/p...4/sessions.php
I've been using sessions for quite some time but only after reading this
do I really understand what is going on on both the client and server side.
Unfortunately, I still have some unanswered questions after reading it,
as it is pretty basic and gives a quick intro to sessions. For testing
purposes, I turned off all cookies in IE and attempted to sign into my
site on my local host, which uses sessions for signing in. In addition,
session.use_trans_sid = 0 in my ini file. I can't figure out how, but
somehow my scripts all still work and I am able to login fine, even
though cookies are disabled, as well as trans sid. How is my session id
being passed, as my understanding is these are the 2 possible methods?
There is no sessid propagated through the URL either, so it is not
through a get variable.
Also, I looked in my sessiondata folder and found a bunch of session
data. When I physically log out and kill a session, it removes it from
the folder. However, when I just close the browser window, it does not
remove the data from the folder. Reopening the browser right away
results in a new session and requires the user to login again, but the
old data from the previous session is still there. I checked my ini,
and found the default:
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440
But this isn't working as far as I can tell because I have session files
from days ago, and according to this it should be deleted after 24 minutes.
Sorry for the long post, but thanks in advance for all help!!
Marcus