FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » session handler auto log out
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: session handler auto log out [message #176132 is a reply to message #176099] Fri, 25 November 2011 09:40 Go to previous messageGo to previous message
Erwin Moller is currently offline  Erwin Moller
Messages: 228
Registered: September 2010
Karma:
Senior Member
On 11/23/2011 7:53 PM, Denis McMahon wrote:
> On Wed, 23 Nov 2011 10:55:36 +0100, Erwin Moller wrote:
>
>> On 11/23/2011 3:09 AM, Denis McMahon wrote:
>>> On Tue, 22 Nov 2011 16:55:40 +0100, Arno Welzel wrote:
>>>
>>>> > Because the AJAX call will reset the session timer, so the session
>>>> > will never time out.
>>>>
>>>> And where did i say that the AJAX call should be *before* the session
>>>> times out?
>>>
>>> If the ajax call is made after the session has timed out, then you're
>>> back to the previously discussed situation where you get a request
>>> without a valid current session ID and do with it as you wish.
>>>
>>> Any request, whether ajax initiated, a form submission, clicking a
>>> link, grabbing an image etc will send the session cookie from the
>>> client to the server if a session cookie is defined.
>
>> Are you sure a request for an *image* will modify the Session?
>>
>> I thought the Session would only be updated if session_start() is used
>> (directly or indirectly by activation session.auto_start).
>
> Read what I wrote again:
>
> 1) Any request ... will send the session cookie from the client to the
> server if a session cookie is defined.
>
> This is something that the client does - if it has valid (non expired)
> cookies for the server and makes a request to the server, it sends the
> cookies.
>
> So yes, the client browser sends the cookies with every request,
> including images etc.
>
> If the request is then served by php (and you can serve any content with
> php) _and_ that php invokes the session handler, then the php session
> timer is reset in the server, and an updated session cookie will be sent
> back to the client browser.
>
> eg if my web page includes<img src="server/getimage.php?imgid=76">
>
> and getimage.php looks something like:
>
> <?php
> session_start();

etc..

<snip>

Hi Dennis,

OK, Then we agree completely.

The reason I interrupted was simply that we were discussing updating
session expiration. In that context your former posting could easily be
misinterpreted, although you didn't write it exactly that the session
expiration would be updated by a typical image request (no PHP involved).
And I just wanted to make that point clear. :-)

Regards,
Erwin Moller

--
"That which can be asserted without evidence, can be dismissed without
evidence."
-- Christopher Hitchens
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: preg_match() oddities and question
Next Topic: Phone number formatting
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Nov 27 14:37:37 GMT 2024

Total time taken to generate the page: 0.03358 seconds