Page 1 of 1

Session variable life and remote site

Posted: Sat Mar 08, 2003 6:44 pm
by Bill H
I have read the PHP manual and run some tests using my own browser with cookies enabled and with cookies disabled and I would like one (or more) of you bright guys (that's the generic computer "guys" not referring to gender) to confirm my conclusion before I revise the functionality of my website.

(My server is running PHP 4.2.3)

If I set a $_SESSION variable and then route the user off to a secure server (different site) to have the shopping cart processed and then return the user to my site after the credit card is processed then that $_SESSION variable will still be set. Even if the user has disabled cookies.

But if the user kills his browser and returns, the var is unset. And at some point it will time out even if the user doesn't kill his browser.

(The English language is in bad need of a gender-neutral pronoun.)

Posted: Sat Mar 08, 2003 7:31 pm
by evilcoder
not sure about timeout, but yes, as long as the browser isn't killed or the session isn't killed the user will stull be running the session onyour site.

As for timing out, i've left my browser and net idle for 3 hours and returned with me still logged into the account.