HOW TO: make a session valid only as long as user on site?

Re: HOW TO: make a session valid only as long as user on site?

"gsb" <gsb@QWest.ne t> schrieb:
[color=blue]
> I trying to use sessions to save a user name/id after login.
> If the user leaves the site and comes back, how do I force a new session and
> login?[/color]

No chance.

Regards,
Matthias

Re: HOW TO: make a session valid only as long as user on site?

> If the user leaves the site and comes back, how do I force a new session
and login?

use cookies for this.

Re: HOW TO: make a session valid only as long as user on site?

"Bernhard Hörlberger" <shoddybuma@net way.at> schrieb:
[color=blue][color=green]
>> If the user leaves the site and comes back, how do I force a new session
>> and login?[/color]
>
> use cookies for this.[/color]

And how do you know when to resume an existing session and when to
create a new session?

Regards,
Matthias

Re: HOW TO: make a session valid only as long as user on site?

Terry Austin <taustin@hyperb ooks.com> schrieb:
[color=blue]
> Cookies have a time to live setting, referred to as the expire time. If
> unset, the cookie automatically expires when the browser is closed.[/color]

That's OK, but the question was about "leaving the site". It seems like
problem of the definition of "leaving". Does "leave" mean, that you
closed the browser? Does it mean, that you did not show any activity in
the last 5 minutes?

So, if the nameless poster calling himself "gsb" tells us what he means
with "leaving", we might give him something which you could call a
solution.

Regards,
Matthias

Re: HOW TO: make a session valid only as long as user on site?

Matthias Esken <muelleimer2003 @usenetverwaltu ng.org> wrote in
news:biaa80.1jk .1@usenet.esken .de:
[color=blue]
> Terry Austin <taustin@hyperb ooks.com> schrieb:
>[color=green]
>> Cookies have a time to live setting, referred to as the expire time. If
>> unset, the cookie automatically expires when the browser is closed.[/color]
>
> That's OK, but the question was about "leaving the site". It seems like
> problem of the definition of "leaving". Does "leave" mean, that you
> closed the browser? Does it mean, that you did not show any activity in
> the last 5 minutes?[/color]

I suspect it would *have* to mean one of those two.[color=blue]
>
> So, if the nameless poster calling himself "gsb" tells us what he means
> with "leaving", we might give him something which you could call a
> solution.
>[/color]
Cookies could be used for either. If you don't set the expire time, the
session lasts until you close the browser. If you want to set a specific
time, set the expire time for the cookie to (for instance) five minutes in
the future. If he wants to have it expire if the user leaves the site to go
elsewhere, I suspect he's out of luck, because the protocol doesn't support
that (as far as I know).


--
Larry Flynt for Governor!
Bringing dignity back to the Governor's Mansion

Terry Austin
taustin@hyperbo oks.com

Re: HOW TO: make a session valid only as long as user on site?

Terry Austin wrote:
[color=blue]
> Matthias Esken <muelleimer2003 @usenetverwaltu ng.org> wrote in
> news:biaa80.1jk .1@usenet.esken .de:
>[color=green]
>> Terry Austin <taustin@hyperb ooks.com> schrieb:
>>[color=darkred]
>>> Cookies have a time to live setting, referred to as the expire time. If
>>> unset, the cookie automatically expires when the browser is closed.[/color]
>>
>> That's OK, but the question was about "leaving the site". It seems like
>> problem of the definition of "leaving". Does "leave" mean, that you
>> closed the browser? Does it mean, that you did not show any activity in
>> the last 5 minutes?[/color]
>
> I suspect it would *have* to mean one of those two.[color=green]
>>
>> So, if the nameless poster calling himself "gsb" tells us what he means
>> with "leaving", we might give him something which you could call a
>> solution.
>>[/color]
> Cookies could be used for either. If you don't set the expire time, the
> session lasts until you close the browser. If you want to set a specific
> time, set the expire time for the cookie to (for instance) five minutes in
> the future. If he wants to have it expire if the user leaves the site to
> go elsewhere, I suspect he's out of luck, because the protocol doesn't
> support that (as far as I know).
>
>[/color]

Just have a sessions table with an expiry time, and extend it by a set number
of seconds (e.g. 480) each time they fetch a page. That way, they're automatically
logged out after (e.g.) 8 minutes of inactivity