moose-en-a-gant Posted January 12, 2015 Author Share Posted January 12, 2015 Okay I will heed your warning, thank you. Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502731 Share on other sites More sharing options...
wezhind Posted January 13, 2015 Share Posted January 13, 2015 (edited) Yeah definitely read Jacques1 comments. I am aware that closing a browser doesn't necessary kill the session - it's the session timeout that does that - but that's why I included the words (if they come back a while later) - also I didn't want to add more confusion. ( I was a teacher once and am acutely aware that too much information can destroy ones ability to learn or understand as quick as too little can). Regards the 'Remember me' option - as Jacques1 stated, they are difficult to implement correctly - so I also would advise that you just forget about them for now, I was merely giving an example of 'cookie' use as opposed to 'session' use. I wasn't suggesting you used it for that purpose. Regards 'standard' being a colloquialism, no it's not. I was using it to highlight the difference between a cookie (the type saved on the users machine) and a session. They both use what are referred to as 'cookies', but act differently. So I was using 'standard' cookie to signify that I wasn't talking about a 'session' (or session cookie). Also, I don't understand why you need to use different methodologies for a mobile and one for a desktop! I have got approx. 50 websites that work on both, without a change of session code. I could be wrong, but a session is a session regardless of whether on mobile or desktop browser. Anyway, DO take note of Jacques1's concerns. Good luck. p.s. until you understand what you are doing I WOULD NOT start changing things in your php.ini file just yet - despite Jacques1's mention that you can change session settings (timeouts etc) through it. Understand what you've got already before adding more layers of complexity. Edited January 13, 2015 by wezhind Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502744 Share on other sites More sharing options...
moose-en-a-gant Posted January 13, 2015 Author Share Posted January 13, 2015 Also, I don't understand why you need to use different methodologies for a mobile and one for a desktop! Did I suggest that? That is not my intent, I just want it to work ha. It was peculiar how my windows phone would log in properly but my friend's android phone would not eg. redirected to the logged out screen. I'm going to get things built, I've got a lot to do. Thank you guys for your time really, I appreciate it Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502751 Share on other sites More sharing options...
moose-en-a-gant Posted January 13, 2015 Author Share Posted January 13, 2015 Here's a question does this remove all session values eg. how do I specify only a specific user? session_unset(); session_destroy(); Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502759 Share on other sites More sharing options...
moose-en-a-gant Posted January 13, 2015 Author Share Posted January 13, 2015 (edited) I received an error about parameters expecting 0 for session_destroy(); I passed $_SESSION['user'] in session_unset(); testing now with a friend I have a peculiar problem A is Index, B is userpanel, C is stock-interface A to B to C, session is kept eg. username However going from C to B loses the session value... wonder why that is?Going back is a link to the url of B Further, if I'm in C and I type in the primary url or index of the site eg. A, the session is kept, not sure what is going on with the back link using <a href> This also happens with my lazy reset, where it is a link to the same page, will need to check some stuff Yeah I don't understand this it is so weird, I can open up a secondary tab and I am redirected to the userpanel eg. session value is kept but it's like this "blank url" redirect where if it didn't come from a page which previously had a session, there is no session... but that doesn't make sense following the sequence I've described above. Edited January 13, 2015 by moose-en-a-gant Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502771 Share on other sites More sharing options...
wezhind Posted January 13, 2015 Share Posted January 13, 2015 I'll have to think about your second post, but regards the site logging you out on an android phone and not on the others, this may be due to the way that Chrome (which I presume is the browser they are using on the android phone) has issues with absolute filepaths for links on pages that use sessions, I only discovered that myself this week when I was told that my navigation bar (which had absolute paths i.e. http://www.mywebsite.com/somefolder/index.php) wasn't working for logged in users - they were being booted out when they clicked one, BUT only on Google Chrome (no problems with Safari, Internet Explorer etc). I can't categorically state that it IS the issue, but it might be why your friend's android phone is kicking them out. Are you using absolute paths or relative paths for your links between page A - page B and page C? Just a thought. Good luck. Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502783 Share on other sites More sharing options...
wezhind Posted January 13, 2015 Share Posted January 13, 2015 Regards session_unset() and session_destroy() make sure you have called session_start() before you use them. http://php.net/manual/en/function.session-unset.php http://php.net/manual/en/function.session-destroy.php - generally both are used. Here is a simple rundown of sessions, including session_unset() and session_destroy() usage. http://www.w3schools.com/php/php_sessions.asp Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502784 Share on other sites More sharing options...
moose-en-a-gant Posted January 13, 2015 Author Share Posted January 13, 2015 I'll have to think about your second post, but regards the site logging you out on an android phone and not on the others, this may be due to the way that Chrome (which I presume is the browser they are using on the android phone) has issues with absolute filepaths for links on pages that use sessions, I only discovered that myself this week when I was told that my navigation bar (which had absolute paths i.e. http://www.mywebsite.com/somefolder/index.php) wasn't working for logged in users - they were being booted out when they clicked one, BUT only on Google Chrome (no problems with Safari, Internet Explorer etc). I can't categorically state that it IS the issue, but it might be why your friend's android phone is kicking them out. Are you using absolute paths or relative paths for your links between page A - page B and page C? Just a thought. Good luck. I'm not sure I haven't finished the mobile section, I just spent half a day creating the new interface which may be useless for mobile phones just because of space... anyway, I will get back to this again very soon eg. later today when I wake up. I will look at this post with more detail. Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502793 Share on other sites More sharing options...
moose-en-a-gant Posted January 13, 2015 Author Share Posted January 13, 2015 Regards session_unset() and session_destroy() make sure you have called session_start() before you use them. http://php.net/manual/en/function.session-unset.php http://php.net/manual/en/function.session-destroy.php - generally both are used. Here is a simple rundown of sessions, including session_unset() and session_destroy() usage. http://www.w3schools.com/php/php_sessions.asp Yes, I looked at that, I have the loggin out working. As I said I haven't worked on the mobile aspect yet, there are problems with instantiation of sessions... It is kind of dumb but I have different interface designs for each browser, mainly because of how I have created the interfaces by floating them to the left, unfortunately depending on what browser renders the page, the borders cause "overflows" or are too wide. Anyway, between bouncing from index to browser-index, then to the interface... It's not bad per se, I just have to get everything straightened out Quote Link to comment https://forums.phpfreaks.com/topic/293734-what-is-the-ideal-proper-way-to-deal-with-sessions/page/2/#findComment-1502794 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.