PHP Version 4.3.3
Ok i have disabled the autostart. Now is my problem, that php us the transparent sessions, because it append it in the URL. After the login, all works fine, but after 5-6 clicks, i loose the session.
It send me a Cookie : Set-Cookie: audience=a01b3fcf7cb587eee3ac61bc83edebe4; expires=Wed, 25-Dec-1901 16:01:15 GMT; path=/; domain=www.privatmarkt.com
My mozilla is adjusted to accept all cookies. I'm confused. What is with the time? 25-Dec-1901 16:01:15 GMT!! I set the time in the futur with the following code:
session_set_cookie_params(time()+9999999, "/", $config["default"]["cookiedomain"]);
The first parameter is relative to the current time. I would recomend for security reasons to leave this to the default, 0 - until the browser is closed. Otherwise this could lead to session hijacking - when the bad guy uses your site and gets a cookie with long lifetime, he knows that the cookie with session id will be used for other users using the same browser.
Marek
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
