|
Posted by sid on 02/01/07 22:43
On Jan 31, 3:15 pm, Rik <luiheidsgoe...@hotmail.com> wrote:
> sid <sidwe...@alexian.net> wrote:
> > How long does a session live.
>
> > I have a web page that correctly gets a SessionID on first visit, but
> > I thought that when the browser left the site and returned it would
> > receive a new SessionID, but it gets the old one again.
>
> > The only way I can get a new one is to close the browser and open a
> > new instance.
>
> > Is this correct ?
>
> If you're using cookies for storing the session-id, the default for tme to
> live is 0: untill the browser is closed. This has little to do with wether
> you keep the data stored at the server or not. If someone claims to have a
> session-id, PHP will have no trouble creating a nice, new session with
> that very session-id. UA's can keep cookies longer, shorter, or not at all
> regardless of what you set though.
>
> You can set the lifetime of the cookie to something else if you'd like.
> Look at the manual for all configuration possibilities: http://www.php.net/session
>
> In this case you can use ini_set() to set the session.cookieliftime to
> what you'd like.
> --
> Rik Wasmus
I know PHP has a session_destroy command, can't you use this to kill
the session when the users browse away from your site ?
[Back to original message]
|