HOW TO: make a session valid only as long as user on site? – PHP

  php

Q(Question):

I trying to use sessions to save a user name/id after login.
If the user leaves the site and comes back, how do I force a new session and
login?

A(Answer):

"gsb" <gs*@QWest.net> schrieb:

I trying to use sessions to save a user name/id after login.
If the user leaves the site and comes back, how do I force a new session and
login?

No chance.

Regards,
Matthias

A(Answer):

> If the user leaves the site and comes back, how do I force a new session
and login?

use cookies for this.

A(Answer):

"Bernhard Hörlberger" <sh********@netway.at> schrieb:

If the user leaves the site and comes back, how do I force a new session
and login?

use cookies for this.

And how do you know when to resume an existing session and when to
create a new session?

Regards,
Matthias

A(Answer):

Terry Austin <ta*****@hyperbooks.com> schrieb:

Cookies have a time to live setting, referred to as the expire time. If
unset, the cookie automatically expires when the browser is closed.

That’s OK, but the question was about "leaving the site". It seems like
problem of the definition of "leaving". Does "leave" mean, that you
closed the browser? Does it mean, that you did not show any activity in
the last 5 minutes?

So, if the nameless poster calling himself "gsb" tells us what he means
with "leaving", we might give him something which you could call a
solution.

Regards,
Matthias

A(Answer):

Matthias Esken <mu************@usenetverwaltung.org> wrote in
news:bi**********@usenet.esken.de:

Terry Austin <ta*****@hyperbooks.com> schrieb:

Cookies have a time to live setting, referred to as the expire time. If
unset, the cookie automatically expires when the browser is closed.
That’s OK, but the question was about "leaving the site". It seems like
problem of the definition of "leaving". Does "leave" mean, that you
closed the browser? Does it mean, that you did not show any activity in
the last 5 minutes?

I suspect it would *have* to mean one of those two.
So, if the nameless poster calling himself "gsb" tells us what he means
with "leaving", we might give him something which you could call a
solution.

Cookies could be used for either. If you don’t set the expire time, the
session lasts until you close the browser. If you want to set a specific
time, set the expire time for the cookie to (for instance) five minutes in
the future. If he wants to have it expire if the user leaves the site to go
elsewhere, I suspect he’s out of luck, because the protocol doesn’t support
that (as far as I know).

Larry Flynt for Governor!
Bringing dignity back to the Governor’s Mansion

Terry Austin
ta*****@hyperbooks.com

A(Answer):

Terry Austin wrote:

Matthias Esken <mu************@usenetverwaltung.org> wrote in
news:bi**********@usenet.esken.de:

Terry Austin <ta*****@hyperbooks.com> schrieb:

Cookies have a time to live setting, referred to as the expire time. If
unset, the cookie automatically expires when the browser is closed.

That’s OK, but the question was about "leaving the site". It seems like
problem of the definition of "leaving". Does "leave" mean, that you
closed the browser? Does it mean, that you did not show any activity in
the last 5 minutes?

I suspect it would *have* to mean one of those two.

So, if the nameless poster calling himself "gsb" tells us what he means
with "leaving", we might give him something which you could call a
solution.

Cookies could be used for either. If you don’t set the expire time, the
session lasts until you close the browser. If you want to set a specific
time, set the expire time for the cookie to (for instance) five minutes in
the future. If he wants to have it expire if the user leaves the site to
go elsewhere, I suspect he’s out of luck, because the protocol doesn’t
support that (as far as I know).

Just have a sessions table with an expiry time, and extend it by a set number
of seconds (e.g. 480) each time they fetch a page. That way, they’re automatically
logged out after (e.g.) 8 minutes of inactivity

LEAVE A COMMENT