FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » session handler auto log out
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: session handler auto log out [message #176097 is a reply to message #176096] Wed, 23 November 2011 15:39 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 11/23/2011 10:04 AM, Arno Welzel wrote:
> Jerry Stuckle, 2011-11-23 12:12:
>
>> On 11/23/2011 4:17 AM, Arno Welzel wrote:
>>> Jerry Stuckle, 2011-11-22 19:18:
>>>
>>>> On 11/22/2011 10:55 AM, Arno Welzel wrote:
>>>> > Jerry Stuckle, 2011-11-22 13:18:
>>>> >
>>>> >> On 11/22/2011 6:09 AM, Arno Welzel wrote:
>>>> >>> Jerry Stuckle, 2011-11-21 18:46:
>>>> >>>
>>>> >>>> On 11/21/2011 9:31 AM, Arno Welzel wrote:
>>>> >>>>> Jerry Stuckle, 2011-11-21 15:13:
>>>> >>>>>
>>>> >>>>>> On 11/21/2011 9:07 AM, Arno Welzel wrote:
>>>> >>>>>>> DavidB, 2011-11-19 23:49:
>>>> >>>>>>>
>>>> >>>>>>>> Is there a way to model a session handler to auto logout after
>>>> >>>>>>>> a specified
>>>> >>>>>>>> period of time without refreshing the page? Something similar
>>>> >>>>>>>> to a bank
>>>> >>>>>>>> website that auto logs me out and redirects me to another page.
>>>> >>>>>>>
>>>> >>>>>>> If you want to force the client to redirect the user to another
>>>> >>>>>>> page as
>>>> >>>>>>> soon as the session on the *server* times out you must do
>>>> >>>>>>> periodically
>>>> >>>>>>> checks on the client e.g. using AJAX.
>>>> >>>>>>>
>>>> >>>>>>>
>>>> >>>>>>
>>>> >>>>>> Which is not what the op wants. But both Denis and myself already
>>>> >>>>>> pointed this out two days ago. What's your point?
>>>> >>>>>
>>>> >>>>> Using AJAX is not "refreshing the page". You just said "needs a
>>>> >>>>> request"
>>>> >>>>> and AJAX is a way to do a request.
>>>> >>>>
>>>> >>>> It is a way which will NOT work.
>>>> >>>
>>>> >>> Why?
>>>> >>
>>>> >> Because the AJAX call will reset the session timer, so the session will
>>>> >> never time out.
>>>> >
>>>> > And where did i say that the AJAX call should be *before* the session
>>>> > times out?
>>>> >
>>>>
>>>> Backpeddling, huh?
>>>
>>> No. You just don't understand it.
>>>
>>
>> I understand completely, backpeddler.
>>
>>>> > And even if it is implemented this way - why should it not be possible
>>>> > to implement a server side script which responds to the AJAX calls and
>>>> > checks the existing session without resetting the session timeout?
>>>> >
>>>>
>>>> Backpeddling, huh?
>>>
>>> Nope.
>>>
>>
>> Yep.
>
> You still don't get it.
>
>>>> > Hint: It is also possible to implement a session handling on your own.
>>>> >
>>>>
>>>> Yup, not easy to do, though.
>>>
>>> Recording a timestamp and checking if the time of the last request by
>>> the user (and not only the "check if session is still valid" request) is
>>> not older than x minutes is "not easy"?
>>>
>>
>> A lot more to it than that, if you actually understood session handling.
>
> I do.
>
>>> [...]
>>>> >> And I did not say "refresh the page". I said "needs a request". I
>>>> >> didn't say what KIND of request.
>>>> >
>>>> > So using AJAX to send a request is fine ;-)
>>>>
>>>> ROFLMAO! No, I didn't say AJAX was OK.
>>>>
>>>> Wise up. You were wrong, but refuse to admit it.
>>>
>>> Nope. You just don't understand it.
>>
>> I understand completely, backpeddler.
>
> No you don't. You said:
>
> "While you can set a session timeout value on the server, you can't
> force the client to a different page from the server. It requires a
> request from the client."
>
> You don't understand because you assume that any request will *always*
> reset the session timeout and you assume that relying on PHPs own
> session handling is the only way to go.
>
>

No, but I also know that any request which does not reset the timeout
does not cause a redirect.

We are talking PHP sessions here, not something you've cobbled up on the
side. And that's how PHP sessions work.


--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: preg_match() oddities and question
Next Topic: Phone number formatting
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Mon Nov 25 22:33:49 GMT 2024

Total time taken to generate the page: 0.04859 seconds