0

Hello all.

The problem:

I have started a session. Now I would need to set an expiry time (24 hours) on the cookie it creates (if it creates it).

How do I achieve this?

Thanks to all, who anwsers.

Edited by Psyho: n/a

3
Contributors
7
Replies
8
Views
5 Years
Discussion Span
Last Post by Stefano Mtangoo
0
if(!isset$_SESSION['expiry']){
    $_SESSION['expiry']=time()+$time_to_expire;
}else{
    //if time have expired
    if( time()>$_SESSION['expiry']){
        //echo message and redirect to the page
        //unset variable
    }
}

*untested*

0
if(!isset$_SESSION['expiry']){
    $_SESSION['expiry']=time()+$time_to_expire;
}else{
    //if time have expired
    if( time()>$_SESSION['expiry']){
        //echo message and redirect to the page
        //unset variable
    }
}

*untested*

Thank you it works.

But I would like to ask: I have read somewhere (I can't remember where anymore), that when session starts, it may set a cookie named SSID on client-side.

Is that true, and if it is , can it be used for such a thing?

0

Thank you it works.

But I would like to ask: I have read somewhere (I can't remember where anymore), that when session starts, it may set a cookie named SSID on client-side.

Is that true, and if it is , can it be used for such a thing?

I would advice you to stay away with internals of PHP.
That being said, I will quote Vikram's explanation found here:

Sessions work by associating every session with a session ID (a unique
identifier for the session) that is automatically generated by PHP. This session ID is
stored in two places: on the client using a temporary cookie, and on the server in a
flat file or a database. By using the session ID to put a name to every request received,
a developer can identify which client initiated which request, and track and maintain
client-specific information in session variables (variable-value pairs which remain alive
for the duration of the session and which can store textual or numeric information).

0

I would agree with evstevemd, changing the way session works on php could create big security holes on the server. An easy way to manually manage sessions is to store the start time in a session variable and if it exceeds 24 hours, just call session_destroy.

0

Thank you everyone, you all were a great help to me.

With this i think it's case closed.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.