quick sessions question

[Eggzorcist]

I'm developing an application which may have have a person on the same page writting something for quite a long period of time. I was wondering as my security is set up with sessions could these sessions die by the time you'd finish the form?

 

Thanks

[.josh]

yes.

[Third_Degree]

Yes, they potentially could.  I think to fix it you'll need to edit session_timeout with ini_set()

[Eggzorcist]

the session_timeout is in php.ini?

 

also is there any alternative which could fix this issue?

[waynew]

You could use Ajax to keep saving drafts of what they're typing.

[patrickmvi]

Another solution would be to somehow automatically re-establish their session when they would submit the form if it has expired using a cookie or get variable to keep track of who they are.

[aschk]

I believe you can set certain php.ini values using .htaccess or your virtual host config (depending on hosting limitations).

You can also try doing the following in your code:

 

<?php
ini_set("session.gc_maxlifetime", 7200);
?>

 

Assuming their session times out, when they submit their post would you require them to log in again? If that's the case then i'm guessing you redirect them to a login page. What you need to do is create a new session for them using their old session cookie value, save their post data (in session), and process their login and then post in the same step.

[PFMaBiSmAd]

My favorite subject, sessions.

 

On a shared web host where the common default location is used for the session save path, the shortest session.gc_maxlifetime setting of all the scripts running on the server wins.

 

To get a longer session.gc_maxlifetime setting to work, you must set the session save path setting to be to a private folder within your account's folder tree.