|
|
Posted by lawpoop on 01/03/08 15:36
On Jan 2, 4:34 pm, Good Man <he...@letsgo.com> wrote:
> > How can I test cookie expiration with that? The browser unsets cookies
> > based on what *it* thinks the time is, not what the server thinks the
> > time is.
>
> > In other words, if the server is in Pacific time, and I'm in Eastern
> > time, setting the cookie to expire on date() ( meaning, 'right now' )
> > looks to be 3 or 4 hours in the past to my browser. So, if the server
> > give a cookie to expire at 4PM today, which is the time in Seattle,
> > that expiration date is already in the past for me, since it's already
> > 7PM.
>
> I guess I'm having a bit of difficulty trying to understand. Cookies
> are local/stored on the user browser, correct? So with you in Los
> Angeles and I in New York, we'll never see each others' cookies.
Perhaps I'm not understanding it properly myself. Let me try to
explain it.
The website gives a cookie to the browser. That cookie stores
information that applies only to that website. It's like asking the
browser to store information for the website, and return that
information when the browser returns to that website.
One of the properties of the cookie is that it has an expiry time. It
won't last forever; the time that it lasts is set by the website.
Since the expiry time may pass when the user is not browsing the site,
it's up to the browser to delete a cookie when it has expired. This
cookie deletion happens independently of the wesbite; the browser does
it on its own.
If we are two browsers looking at the same site, we won't see each
others cookies. You are correct there. However, if we are browsing the
same site, we will each have our own cookies that we each get from the
website.
However, when a user returns to a website, the website can see the
cookie(s) that it previously gave a browser, so long as they haven't
expired. If they have expired, the browser won't send them back to the
website. And therein lies the rub: if the browser and the server
disagree about what time it is, the server may be expecting the cookie
when the browser thinks it's too old.
So, if the server generates a cookie that is set to expire at
something like "date() + 5 minutes", a timezone change could trip that
up. For the server in California, the time may be 8 AM, so it gives
the cookie to the browser, with an expiration time of 8:05 AM. For the
browser in New York, it's already 11 AM ( if it's 8 AM in CA ) , so a
cookie set to expire at 8:05AM, the cookie is DOA.
It's like I'm in Portland and you're in New York. I want some
information from you, to get to the bank before 5 PM. For you, 5 PM
comes and goes, no information. Then, at 7PM New York time, you get
the information. You say, "Oh, it's past 5PM, it's too late."
Meanwhile in Portland, the local time is 4PM, because of the time zone
difference. You could call me and give me the information, but because
of the time zone difference, you and I disagree about what time it
is.
>
> I interpreted your problem as essentially keeping a file 'open' or
> 'checked out' (insert your verb here) for 5 minutes before
> allowing/disallowing changes or something. So, if you open a file at
> 10amPST, and I want to open it a minute later (1pm EST), I should see
> that only 1 minute has passed (as opposed to 3 hours and 1 minute).
>
> If that's the case, what I am suggesting is that when person A opens the
> document, you record the SERVER time in a database or text file. Then
> when person B hits the same document, PHP compares the time elapsed on
> the server between when Person A and Person B accessed the document, ie:
> whether or not its been less than / greater than 5 minutes.
Actually that's a great idea. Instead of storing data in the cookie, I
can just store a unique token in it to identify returning users. I can
use that token to look up the actual data I want to store from the
database.
>
> Sorry to be of so little help!
Well, it is helpful to discuss it with someone. If I can't explain my
situation properly, that probably means I don't understand it myself!
Navigation:
[Reply to this message]
|