Hi All,
First, just wanted to say that I found what I thought was a very helpful
tutorial on sessions in case anyone out there has questions on them:
I've been using sessions for quite some time but only after reading this
do I really understand what is going on on both the client and server side.
Unfortunately, I still have some unanswered questions after reading it,
as it is pretty basic and gives a quick intro to sessions. For testing
purposes, I turned off all cookies in IE and attempted to sign into my
site on my local host, which uses sessions for signing in. In addition,
session.use_tra ns_sid = 0 in my ini file. I can't figure out how, but
somehow my scripts all still work and I am able to login fine, even
though cookies are disabled, as well as trans sid. How is my session id
being passed, as my understanding is these are the 2 possible methods?
There is no sessid propagated through the URL either, so it is not
through a get variable.
Also, I looked in my sessiondata folder and found a bunch of session
data. When I physically log out and kill a session, it removes it from
the folder. However, when I just close the browser window, it does not
remove the data from the folder. Reopening the browser right away
results in a new session and requires the user to login again, but the
old data from the previous session is still there. I checked my ini,
and found the default:
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxl ifetime = 1440
But this isn't working as far as I can tell because I have session files
from days ago, and according to this it should be deleted after 24 minutes.
Sorry for the long post, but thanks in advance for all help!!
Marcus
First, just wanted to say that I found what I thought was a very helpful
tutorial on sessions in case anyone out there has questions on them:
I've been using sessions for quite some time but only after reading this
do I really understand what is going on on both the client and server side.
Unfortunately, I still have some unanswered questions after reading it,
as it is pretty basic and gives a quick intro to sessions. For testing
purposes, I turned off all cookies in IE and attempted to sign into my
site on my local host, which uses sessions for signing in. In addition,
session.use_tra ns_sid = 0 in my ini file. I can't figure out how, but
somehow my scripts all still work and I am able to login fine, even
though cookies are disabled, as well as trans sid. How is my session id
being passed, as my understanding is these are the 2 possible methods?
There is no sessid propagated through the URL either, so it is not
through a get variable.
Also, I looked in my sessiondata folder and found a bunch of session
data. When I physically log out and kill a session, it removes it from
the folder. However, when I just close the browser window, it does not
remove the data from the folder. Reopening the browser right away
results in a new session and requires the user to login again, but the
old data from the previous session is still there. I checked my ini,
and found the default:
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxl ifetime = 1440
But this isn't working as far as I can tell because I have session files
from days ago, and according to this it should be deleted after 24 minutes.
Sorry for the long post, but thanks in advance for all help!!
Marcus
Comment