Re[2]: [phplib] per session cookies expiring after e15 mins From: Maxim Derkachev (kot <email protected>)
Date: 04/13/01

>> I'm using per session cookies within an application but if the page is left
>> for more than about 15 mins, the session expires.
>> $lifetime is set to 0 in my local.inc.

The session or Auth ?
The session could only expire afrter 15 minutes, if the $gc_time is
set to 15. If the $lifetime is set to 15, the cookie will be not a session
cookie, and it will expire before the browser is closed (if it is
closed after more then 15 minutes).

BM> If you don't use Example_Session class (from local.inc) for session, modify the
BM> $lifetime from your class.
BM> If you use Example class, that is an error, and I don't know a solution.

$lifetime is not the session lifetime, but the cookie lifetime. If it
is set to any positive value, the cookie won't be a session cookie
(while it could hold the session id in it), it would be a normal cookie,
saved to the disk, which would expire after $lifetime minutes.
The session lifetime is set in the $gc_time, after that time (in minutes)
the session data might be cleared by the garbage collector.
If you supply a valid session id (e.g. in the query string) before the session
is destroyed, the session would be rejuvenated, even if the cookie
which used to supply the session id has expired.

>> Is there a way I can set up per session cookies to only expire when the
>> browser is closed and not before?

The session cookie expires when the browser is closed, but not the
session itself!! The session at the server side remains valid until
$gc_time minutes expired. 

-- 
Best regards,
Maxim Derkachev mailto:kot <email protected>
Symbol-Plus Publishing Ltd.
phone: +7 (812) 324-53-53
http://www.Books.Ru -- All Books of Russia
 

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>