Page 1 of 1

Sessions Problem

Posted: Thu Aug 21, 2008 6:46 am
by gavshouse
hi im having a problem of being logged out of my site randomly mostly when i shutdown i have this on every page and also every ajax called page should i not have it on the ajax called page ?

Code: Select all

session_set_cookie_params(2678400, '/', '.domain.com'); //31 days
session_start();
session_regenerate_id();
That should keep me logged in for 31 days right ?

So the main question is, is that code right and should i have it on my ajax called pages ?

Re: Sessions Problem

Posted: Thu Aug 21, 2008 7:05 am
by Corvin
gavshouse wrote:That should keep me logged in for 31 days right ?
Yes, if you don't close your browser. If you want to be still logged in after restarting your computer you have to use cookies.

Re: Sessions Problem

Posted: Thu Aug 21, 2008 8:51 am
by gavshouse
but the session is stored in a cookie ?

Re: Sessions Problem

Posted: Thu Aug 21, 2008 8:59 am
by Corvin
The session-ID is stored in a cookie (if the user's browser allows cookies) because it's more secure (link).

Re: Sessions Problem

Posted: Thu Aug 21, 2008 9:10 am
by gavshouse
so should i make a cookie called

Remember = "yes"
Username = "blah"
Password = "Password"

and the password cookie is md5 and also attach the ip onto the password so

Code: Select all

md5($password.$ip);
Then if remember me it will login and issue a new session ?

Re: Sessions Problem

Posted: Thu Aug 21, 2008 9:25 am
by Corvin
Of course you should save the password as a md5-Hash. But you shouldn't attach the IP address because it may change after a reboot.

Re: Sessions Problem

Posted: Thu Aug 21, 2008 10:42 am
by pawarnilesh4u
you need to set cookies and give time for it as 31 days
setcookie($username, $username, (time()+3600)*24*31);
setcookie($username."pass", $password, (time()+3600)*24*31);
and on you application top part if you find this cookies already set
you can register the session else ask for login.