7 Replies - 3078 Views - Last Post: 21 January 2010 - 04:07 AM Rate Topic: -----

#1 JustinDonnelly  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 14
  • Joined: 18-June 09

$_SESSION or $_COOKIE

Post icon  Posted 19 January 2010 - 02:04 AM

hi,

being quiet a noob to coding, the first tutorual i found about login scripts was using $_SESSION. I have since that point been using sessions. The only problem is now i have a test site up, the sessions expire to quickly.

Can this be solved easily? Would declaring the session again in the footer refresh the session and give it another X amount of minutes?

Or would i be best servered moving to cookies? Any tutorials, help or advice would be appreciated!

Thanks in advnace for this nub question! :)

Is This A Good Question/Topic? 0
  • +

Replies To: $_SESSION or $_COOKIE

#2 depricated  Icon User is offline

  • DLN-000

Reputation: 714
  • View blog
  • Posts: 2,422
  • Joined: 13-September 08

Re: $_SESSION or $_COOKIE

Posted 19 January 2010 - 04:57 AM

You can include session_start(); at the beginning of every page to refresh the session when a new page loads. Is this what you're doing now? If not that might fix the problem of them expiring too quickly.

At least that's how I've been doing it, and haven't had any trouble with losing variables or expiring sessions.

This post has been edited by depricated: 19 January 2010 - 04:58 AM

Was This Post Helpful? 0
  • +
  • -

#3 JustinDonnelly  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 14
  • Joined: 18-June 09

Re: $_SESSION or $_COOKIE

Posted 19 January 2010 - 05:08 AM

Thanks for the reply,

I have SESSION_START(); in my connection.php which is included in every page.

It works fine locally, i never get loged out, but online, it seems to boot people out at different intervals.
Was This Post Helpful? 0
  • +
  • -

#4 Elbrus  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 4
  • View blog
  • Posts: 107
  • Joined: 22-July 08

Re: $_SESSION or $_COOKIE

Posted 19 January 2010 - 09:30 AM

Can you supply a part of your code, it would help the ability of others to help you with your problem?

Also if this only work locally it may just be your host. What host are you using?

This post has been edited by Elbrus: 19 January 2010 - 09:33 AM

Was This Post Helpful? 0
  • +
  • -

#5 kiwi2  Icon User is offline

  • D.I.C Head
  • member icon

Reputation: 8
  • View blog
  • Posts: 178
  • Joined: 16-September 08

Re: $_SESSION or $_COOKIE

Posted 19 January 2010 - 09:46 AM

Usually I would say gc_maxlifetime, but on a google search it is suggested that this is ineffective, therefore, perhaps, edit the php.ini
Was This Post Helpful? 0
  • +
  • -

#6 musya  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 11
  • View blog
  • Posts: 1,012
  • Joined: 25-April 07

Re: $_SESSION or $_COOKIE

Posted 19 January 2010 - 05:20 PM

Try this

$_session['timeout']=600; // where 600 == 10 min.


Never tried this, but it seems to work for others.
Was This Post Helpful? 0
  • +
  • -

#7 akozlik  Icon User is offline

  • D.I.C Addict
  • member icon

Reputation: 90
  • View blog
  • Posts: 797
  • Joined: 25-February 08

Re: $_SESSION or $_COOKIE

Posted 20 January 2010 - 12:31 PM

You might be interested in this tutorial I wrote about cookies and sessions.
Was This Post Helpful? 0
  • +
  • -

#8 JustinDonnelly  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 14
  • Joined: 18-June 09

Re: $_SESSION or $_COOKIE

Posted 21 January 2010 - 04:07 AM

Thanks for your replies guys!

I read that tutorial.

My session holds the username. if i was to put this in a cookie the user could in theory change this and gain access to someone elses account.

Would i be best, assigning a cookie called logged in, and having it store a 32 string unique (to my database) random number/string that relates to one user record. Then if that is set, when they load the page, then a session is set which stores their username?

Or is this bad for security?

Coz surely there is alot of 32 digit combinations of all numbers and letters and cases :D
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1