|
|
Posted by Jerry Stuckle on 11/21/06 05:11
Mickey wrote:
> Hi,
>
> I just have a couple of questions regarding sessions. I read the php
> manual but I just wasn't clear on a couple of things.
>
> I am using the following to control my sessions:
> ..
> ini_set('session.save_path',"./sessions/sess/");
> ini_set("session.gc_maxlifetime","300");
> ini_set('session.gc_probability',1);
> ini_set('session.gc_divisor',1);
> ..
>
> I want the garbage collector to kill a users session the second a user
> closes their browser (or as quick as possible). Am I doing correct
> above ^ to achieve this?
>
> Also, are there any security issues with having the 'session.save_path'
> set to a directory like above or should I perhaps have it set to
> somewhere like "../../sessions/sess/"?
>
> Thanks in advance!
>
You can't do it. Your system gets no notification when the client
closes their browser.
About all you can do is set a timeout long enough that an active user
doesn't get frustrated, but short enough that the sessions don't hang
around forever.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|