Jump to content

Recommended Posts

hey guys im trying to save a session as a cookie using

session_set_cookie_params();

the problem im getting is that the session file ins't being saved in the directory i specifiy when usings session_set_cookie_params();

session_start();
session_set_cookie_params('3600', PRIVATE_DIRECTORY . 'data' . DS . 'session', $config->base_url, false, true);
ini_set('session.gc_probability', 1);
$_SESSION['foo'] = "bar";

what i want to do is save the session cookie and when user closes browser and then re-enters the site the session is still there...(unless that's not how it works)

 

any help would great thanks guys

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/
Share on other sites

I don't believe that's how it works.  It would be easier to just use set_cookie() and assign the according info you need.  Obviously with cookies (granted it would be the same if your original method had worked) you can't trust the values, so they would need to be validated in any instance.

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1510596
Share on other sites

the second parameter of session_set_cookie_params() isn't where the session data is saved on the server, it's the path on your site that the session cookie will match -
 

Path on the domain where the cookie will work. Use a single slash ('/') for all paths on the domain.

 

 
session_save_path() controls where the session data is saved on the server.

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1510597
Share on other sites

session_save_path() controls where the session data is saved on the server.

 

worked like a dream thank you.

 

now that i have the session data saved in a private directory...am i able to access it when user reopens browser and visits my site so that i can get any credentials I've stored...like timezone, language etc?

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1510609
Share on other sites

ok well i've been trying to figure a few things out with session files but have some questions if someone can please clear up.

 

1.  i can read the session file (using the code below)...which is saved as the users session_id() but if the user closes the browser how do i know what file is theirs as a new session_id() would be regenerated automatically upon revisiting....so would i know what file to load in this instance?

$contents=file_get_contents('http://localhost/scripts/session/sess_4653e1122ead235d30f928f71308c805');
session_start();
session_decode($contents);
print_r($_SESSION);

2. i set session_set_cookie_params() to 20 seconds, and was expecting the session file to be removed after then or non accessible after that period, but i still am able to read the file...

session_set_cookie_params('20', '/');

i could use the totch() function to set the modification file time and know if file has expired that way...

 

 

but if i could have some advise on how i can do these things then that would be great.

 

thanks guys

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1510692
Share on other sites

To get the users session id you can called session_id() after you have called session_start() eg.

session_start();
// get the session contents
$contents = file_get_contents('scripts/session/sess_' . session_id());

But why do you need to read the session file yourself? 

 

PHP automatically does this when you call session_start(). If you want to override how PHP handles sessions you can write your own session handler, see the documentation on session_set_save_handler

 

 

2. i set session_set_cookie_params() to 20 seconds, and was expecting the session file to be removed after then or non accessible after that period, but i still am able to read the file...

The session_set_cookie_params() function only affects the cookie not the physical session file.. The files for expired session are deleted automatically by the garbage collection process.

Edited by Ch0cu3r
Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1510695
Share on other sites

sorry for the confusion....after trying the following code before and NOT after session_start() it worked as i wanted..

session_save_path('C:\Users\Ricky\Desktop\www\scripts\session');
ini_set('session.gc_probability', 1);
ini_set('session.gc_maxlifetime', 360*72);
session_set_cookie_params(360*72, '/');

is it possible to remember only certain session values and then to set other session values just to be kept until browser closes?...seems when i alter session cookie parameters it effects every session i create from there on...

 

if not i had read about storing session_id and session values in a database which could work perfectly when it comes to giving certain values different lifespans

 

thank you

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1511079
Share on other sites

it sounds like what you are trying to do isn't what session variables are intended for. the session is just a container for server-side variables that persist between page requests. it's called a session because it's intended to only last one browser session. it's actually not normal to extend the session cookie lifetime.

 

perhaps if you state what some of these different values will be used for, someone can tell you the best way of handling each of them.

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1511183
Share on other sites

well my issue is that i save the users language ie. en and timezone offset ie, +01:00...which is saved under a session cookie for 20 days...now say for instance if a user logs in a doesn't want to be remembered (save id in session cookie)...this has become a bit difficult as lifetime is set and effects all sessions set due to this code.

ini_set('session.gc_maxlifetime', 60*30);
session_set_cookie_params(60*60*24*20, '/');

is it good practice for me to create a session table?...that way i can save sessions there making each session flexible to a lifetime?

 

or also i was thinking which may be way out there is...for each session i create a lifetime ie.

session_start();
$_SESSION['name']          = "destramic";
$lifetime                  = 60*60*2
$_SESSION['name_lifetime'] = time() + $lifetime;

hope you understand my difficulty

 

thanks yiou

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1511301
Share on other sites

user preferences (and privileges) are usually stored in a database table and retrieved on each page request. this allows them to be easily modifiable by site moderators/admins and they take effect immediately (on the next page request.) storing them in session variables means that only the visitor that the session belongs to can easily modify them or you must add a lot of unneeded complexity to make the session data find-able and editable by site moderators/admins.

 

a 'remember me' login is usually accomplished by generating a unique and hard to guess token, that's not a fixed value tied to any user information, storing that token in a cookie and storing it in the user row in a database table. in this case, the logged in/logged out state is also stored in the user row in the database table so that the only way that someone who's logged out can become logged in is for them to submit their username/password.

Link to comment
https://forums.phpfreaks.com/topic/296029-session-cookie/#findComment-1511376
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.