session persistence issue

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
tramni731
Forum Newbie
Posts: 1
Joined: Sun May 02, 2010 2:38 am

session persistence issue

Post by tramni731 »

I am writing a CRM program with the following technical specification. I hit an issue with broswer "session"

- PHP 5.2.x
- Apache 2.x
- Cakephp framework
- when set the security level to 'medium', the session persist but it won't destroy itself after browser close
- when set the security level to 'high', the session will be cleared after user close the browser, but the session will be lost occasionally e.g. click multiple hyperlinks in a sec

Can you suggest what could possibly go wrong and how to rectify the issue?
Post Reply