Actually the user is only allowed to get to any page if he has logged on. Thus all the remaining pages check to see if a session has been registered, if so then the person is allowed to to go on with his session. If the session did not exist he is redirected to a login page.
Do you still suggest that I should touch all pages. or it will suffice to change only the first page. Also if I were to create a .htaccess file that is kept in the same dir as the application, what do I need to include in that file ?
I would probably be best to do it for everytime session_start is called, as I'm not 100% sure it only needs to be done once. If you put it in a .htaccess file, you shouldn't have to do anything....more than likely, your webserver is already configured to use .htaccess. The syntax for that should be...
php_value session.gc_maxlifetime "number of seconds"
-- By-Tor.com It's all about the Rush http://www.by-tor.com
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
