 |  |  |  |  |  |  |  |
how to set a session to destroy itself unset whatever in a certain amount of time
Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
 |
•
•
Join Date: Apr 2009
Posts: 290
Reputation: 
Solved Threads: 2
Posting Whiz in Training
0
#11 Nov 4th, 2009
•
•
•
•
Originally Posted by Atli 
Yes, it is a security measure, limiting the window for a session hijacking.
There are ways for malicious persons to obtain your session cookie, which gives them the ability to hijack an open session. The less time the session is left idle, the less time the hijackers have to hijack it.
Not exactly bullet proof, but in cases like these our options are kind of limited.
Aside from that, this is also just a matter of clearing up the unused session data laying around on the server. Session are only meant to be temporary storage, lasting a single "session". If you leave for an extended period, once you return and resume what you were doing, that would be considered a new session. How long that period is, that is up to you.
•
•
Join Date: May 2007
Posts: 455
Reputation:
Solved Threads: 56
Posting Pro in Training
0
#12 Nov 4th, 2009
PHP uses cookies by default. If you don't know whether or not u use cookies to transfer the session ID, you almost definitely do.
Doesn't really matter in this context tho. The other option; using the query string, is no more secure. Less so, if anything.
Doesn't really matter in this context tho. The other option; using the query string, is no more secure. Less so, if anything.
Please do not ask for help in a PM. Use the forums.
And use [code] tags!
And use [code] tags!
•
•
Join Date: May 2007
Posts: 455
Reputation:
Solved Threads: 56
Posting Pro in Training
0
#13 Nov 4th, 2009
Duplicate... The forum software is on the fritz xD
Last edited by Atli; Nov 4th, 2009 at 4:05 am.
Please do not ask for help in a PM. Use the forums.
And use [code] tags!
And use [code] tags!
•
•
Join Date: Apr 2009
Posts: 290
Reputation:
Solved Threads: 2
Posting Whiz in Training
0
#14 Nov 4th, 2009
thanks i have no more questions u answered them all!
|
Similar Threads
- session destroy (PHP)
- Session time out in PHP (PHP)
- Are websites like daniweb suppose to keep user history log for a amount of time? (MySQL)
- How to end a program after a certain amount of time? (C++)
- Computer freezes after an amount of time. (Windows NT / 2000 / XP)
- how to set session timeout (ASP.NET)
- how do i readln for an amount of time? (Pascal and Delphi)
- Calculate the amount of time in the linux process using perl script (Perl)
Other Threads in the PHP Forum
- Previous Thread: using variable substitutions in conditional statements
- Next Thread: need help with table
Views: 758 | Replies: 13
| Thread Tools | Search this Thread |
Latest PHP Posts
- Today's Posts
- Unanswered Threads
Related Forum Features
Tag cloud for destroy, gc_maxlifetime, question, sessions, unset
