| Re: session handler auto log out [message #176094 is a reply to message #176090] |
Wed, 23 November 2011 11:12   |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 11/23/2011 4:17 AM, Arno Welzel wrote:
> Jerry Stuckle, 2011-11-22 19:18:
>
>> On 11/22/2011 10:55 AM, Arno Welzel wrote:
>>> Jerry Stuckle, 2011-11-22 13:18:
>>>
>>>> On 11/22/2011 6:09 AM, Arno Welzel wrote:
>>>> > Jerry Stuckle, 2011-11-21 18:46:
>>>> >
>>>> >> On 11/21/2011 9:31 AM, Arno Welzel wrote:
>>>> >>> Jerry Stuckle, 2011-11-21 15:13:
>>>> >>>
>>>> >>>> On 11/21/2011 9:07 AM, Arno Welzel wrote:
>>>> >>>>> DavidB, 2011-11-19 23:49:
>>>> >>>>>
>>>> >>>>>> Is there a way to model a session handler to auto logout after
>>>> >>>>>> a specified
>>>> >>>>>> period of time without refreshing the page? Something similar
>>>> >>>>>> to a bank
>>>> >>>>>> website that auto logs me out and redirects me to another page.
>>>> >>>>>
>>>> >>>>> If you want to force the client to redirect the user to another
>>>> >>>>> page as
>>>> >>>>> soon as the session on the *server* times out you must do
>>>> >>>>> periodically
>>>> >>>>> checks on the client e.g. using AJAX.
>>>> >>>>>
>>>> >>>>>
>>>> >>>>
>>>> >>>> Which is not what the op wants. But both Denis and myself already
>>>> >>>> pointed this out two days ago. What's your point?
>>>> >>>
>>>> >>> Using AJAX is not "refreshing the page". You just said "needs a
>>>> >>> request"
>>>> >>> and AJAX is a way to do a request.
>>>> >>
>>>> >> It is a way which will NOT work.
>>>> >
>>>> > Why?
>>>>
>>>> Because the AJAX call will reset the session timer, so the session will
>>>> never time out.
>>>
>>> And where did i say that the AJAX call should be *before* the session
>>> times out?
>>>
>>
>> Backpeddling, huh?
>
> No. You just don't understand it.
>
I understand completely, backpeddler.
>>> And even if it is implemented this way - why should it not be possible
>>> to implement a server side script which responds to the AJAX calls and
>>> checks the existing session without resetting the session timeout?
>>>
>>
>> Backpeddling, huh?
>
> Nope.
>
Yep.
>>> Hint: It is also possible to implement a session handling on your own.
>>>
>>
>> Yup, not easy to do, though.
>
> Recording a timestamp and checking if the time of the last request by
> the user (and not only the "check if session is still valid" request) is
> not older than x minutes is "not easy"?
>
A lot more to it than that, if you actually understood session handling.
> [...]
>>>> And I did not say "refresh the page". I said "needs a request". I
>>>> didn't say what KIND of request.
>>>
>>> So using AJAX to send a request is fine ;-)
>>
>> ROFLMAO! No, I didn't say AJAX was OK.
>>
>> Wise up. You were wrong, but refuse to admit it.
>
> Nope. You just don't understand it.
>
>
I understand completely, backpeddler.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]