| Re: session handler auto log out [message #176111 is a reply to message #176106] |
Thu, 24 November 2011 08:47   |
Arno Welzel
Messages: 317
Registered: October 2011
Karma:
|
Senior Member |
|
|
Denis McMahon, 2011-11-24 00:07:
> On Wed, 23 Nov 2011 20:42:40 +0100, Arno Welzel wrote:
>
>> Denis McMahon, 2011-11-23 19:58:
>>
>>> On Wed, 23 Nov 2011 10:17:45 +0100, Arno Welzel wrote:
>>>
>>>> >> Hint: It is also possible to implement a session handling on your
>>>> >> own.
>
>>>> > Yup, not easy to do, though.
>
>>>> Recording a timestamp and checking if the time of the last request by
>>>> the user (and not only the "check if session is still valid" request)
>>>> is not older than x minutes is "not easy"?
>
>>> and the session variables?
>
>> They get lost, as soon as the PHP session times out of course - but by
>> doing periodically request using JavaScript this will not happen, so one
>> has to implement additional logic to maintain your application specific
>> session timeout and to distinguish between the periodically session
>> checks via JavaScript and "real" requests caused by user interaction.
>
> I was asking how you're going to handle session variables in your own
> session handler.
>
> It seems you're not going to handle them ....
Yep - because it is not neccessary *replace* the PHP session handler -
just some additional logic is needed to "emulate" a timeout and to
destroy the session if the timeout is reached.
--
Arno Welzel
http://arnowelzel.de
http://de-rec-fahrrad.de
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]